[114416] in cryptography@c2.net mail archive
Re: Gutmann Soundwave Therapy
daemon@ATHENA.MIT.EDU (Richard Salz)
Fri Feb 1 09:17:22 2008
In-Reply-To: <B93D546E-C23D-48C8-90DB-A872472DB885@solarsail.hcs.harvard.edu>
To: <cryptography@metzdowd.com>
From: Richard Salz <rsalz@us.ibm.com>
Date: Thu, 31 Jan 2008 22:32:25 -0500
> The wider point of Peter's writeup -- and of the therapy -- is that
> developers working on security tools should _know_ they're working in
> a notoriously, infamously hard field where the odds are
> _overwhelmingly_ against them if they choose to engineer new solutions.
Developers working in almost any field should know the history and best
practices -- is PGP's original "bass o matic" any more important than the
code in a defibrillator? -- but this is not the way our field works right
now. Compare it to something like civil engineering or architecture.
Until we get to that point -- and we may never got there, nor want to --
it is probably better to act as mentors than, say, pricks. :) I thought
Peter's soundwave idea was kinda funny, and hopefully lessened the sting.
Guus's note should recommended reading on a regular basis.
If we want to spread the use of crypto, perhaps we should be nicer to
those who are also trying to do the same thing albeit poorly.
/r$
--
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
