

Exploiting common crypto flaws (Google Tech Talk) - jremmy
http://rdist.root.org/2009/08/06/google-tech-talk-on-common-crypto-flaws/
Why implementing your own crypto isn't such a good idea. How saving 10 bytes cost the IETF 28 bytes more and compromised the XMLDsig security.
======
NateLawson
Evidence why this kind of talk is needed, ironically on the same day:
<http://news.ycombinator.com/item?id=748430>

~~~
karanbhangui
Hey Nate, I watched your google talk yesterday from work. I've always been
fascinated by cryptography as it seems to be one of the more complicated
branches of computer science. I was trying to find this info online, but to no
avail: what sort of education does one need to have a solid foundation in this
field? And if you don't mind, what's your educational background :D

Cheers and thanks for the educational video!

------
tptacek
I know you just have too much content for the time you're given in these talks
(I doubt anybody in the audience really got the padding oracle thing, for
instance), but I'm still surprised at how few questions you got at the end.

Maybe Hacker News will generate better questions.

~~~
sweis
I was surprised by that too. I usually take that as a sign that either
everybody understands or nobody understands. Hopefully the former.

~~~
tptacek
There was like one guy asking questions at the end of his Yahoo talk, too, and
that guy was just saying "don't use Google's library, use Yahoo's!".

