I would add to the people commentating here on HN: tptacek's review is tough; you do not need to lay into the author of this book any more.
Here's a readable version: https://gist.github.com/mikemaccana/10847077
I like that, because my browser window is resizable.
Sorry, but I have a right to an emotional reaction to your content and a right to describe it, especially if the reaction is grounded in objective technical reality. I suspect that younger people have this idea that online descriptions of emotional reactions are fictional and purposely crafted for effect -- mostly having to do with emotional aggression. It's true that sometimes "passion" over a subject is used as a pretext for such aggression. That doesn't mean that it's always true, however. In some cases, it's honesty.
That said, "arrrgh" reactions in a technical discipline often indicate a frustrating failure of outreach, education, or communication. I learned things from reading tptacek's review. Maybe he could supervise the ghost-writing of his own undoubtedly excellent book?
(1) - I was riding the bus and this young man had his sneakers tied to the back of his backpack, the soles of which he was pressing into my chest. I tried discreetly hinting to him by pressing back, but he was oblivious, so I brought this to his attention.
I was amazed that his first priority wasn't to apologize or help me out, rather it was that I recognize that he didn't mean any harm. Be correct first, then worry about your own ego second.
> I have a right to an emotional reaction to your content and a right to describe it, especially if the reaction is grounded in objective technical reality
... because while you have rights, being a person who participates in a civilized society means you also have responsibilities, and one of those responsibilities is to interact with people in ways that are appropriate to the situation.
And "appropriate to the situation" changes depending on the nature of the situation. The less serious the situation, the less appropriate a volcanic reaction becomes. Nobody's going to disapprove of you if you start screaming at an airline pilot who you see snorting coke on his way to the plane. But lots of people will disapprove of you if you lay down the same reaction on some poor kid behind the counter at McDonald's because he forgot your French fries.
In the case of this review, I would say tptacek's tone is appropriate, because security is Serious Business (as we should all know, especially after last week); getting it wrong can result in people getting robbed or even killed. So if you're going to put yourself forward as a teacher of crypto, and you're teaching people things that aren't true, you're doing real damage and should be glad a good yelling-at is the worst punishment you have to suffer. But that doesn't mean that the same tone would be appropriate if taken with the kid on the bus, because "annoyingly oblivious" is a long chalk from "could get people killed."
> I take exception to your post
I demand satisfaction! Pistols at dawn, my good fellow! Pistols at dawn!
Ugh. My point in the previous comment -- for the second time -- is not that I'm not comparing the situations. I'm comparing the reactions. Not all cluelessness is equal, and for the second time I never said that! However, oversensitivity to criticism due to a prioritization of feelings/ego generalizes nicely across both situations.
I demand satisfaction! Pistols at dawn, my good fellow! Pistols at dawn!
I only take challenges from people with basic literacy and reading comprehension. Your comments only demonstrate the former, my good fellow. (Or, if this is the 2nd iteration of a deliberate troll through the subtle placing of words in another's mouth, I'll merely comment that I'd be a bit surprised if someone actually thinks this is clever, and note that this would disqualify a challenger through insufficient intellectual integrity.)
To me, complaints about tone are for critiques that contain phrases like "fucking idiot" and "worthless waste of space" and other such direct insults or attacks.
If something legitimately makes you stop and stare with your mouth hanging open, it is OK to say "this statement made me stop and stare with my mouth hanging open." Phrases like "I am not making this up" are reasonable shortcuts to expressing that sentiment.
Could Mr. Ptacek's review have been worded more kindly? Of course. Do I care? Not at all. It was nice enough. It concentrated on technical flaws rather than personal attacks. It was informative and useful. The tone was just fine.
It's okay if you are writing a story about your personal reactions.
It's irrelevant if you are writing a serious critique, which should be about the content, not about your emotional response to it (assuming it is a critique of an informative work -- obviously, if you are critiquing something as a work of art intended to inspire emotional responses, writing about your response has some relevance.)
It's possible to blend the first kind of story with the second kind of critique, but you have to recognize the different roles of each, do it deliberately, and be exceptionally skilled (the set of people who can do this and produce something worth reading is a proper subset of the intersection of the sets of those who can write entertaining personal stories and those who can write valuable straight critiques.)
That being said, tptacek's review seems pretty focussed on substantive critique with very minimal emotional distractions, so while I disagree with the categorical defense of the individual statements at issue as being appropriate to a straight critique of an informative work, I also think that the charge that the tone was inappropriate and a barrier to reading is overblown considering the fairly minimal level at which distracting emotional descriptions are present in the review.
It's ironic that these critiques of this review are much dumber than the review's critiques of the book, and implicitly hold a fairly off-the-cuff internet comment to far higher standards than a published book that purports to give important and useful advice about cryptography.
Could this review be better? Sure. But who cares?
That said, I want to point out that I think your review was excellent and it's the kind of thing I love coming across. In many ways, it reminds me of the heyday of Usenet. It's great content and it doesn't need to be better. To the extent that it can be better, it's because nearly any work can be made better with additional effort.
A purely "just the facts" version might need a "how bad on a scale of 1-10" or something to get the same information across, and would be less readable.
At 49, I see the exact opposite. Members of my generation tended to exhibit more tact and decorum. The urge to dress like a hobo, swear all the time, and flame everyone in sight is a classic overcompensation for years of helicopter parenting which forbade all of these things.
"In some cases, it's honesty."
In others, it's honesty used as a pretext for acting out.
Note I also make this observation.
Also note that I am specifically pointing out reactions to criticism. The other changes in decorum have been noted by previous generations since at least the 1800s. Waltzing was once a lascivious corrosive to society's morals.
Also: we are likely less than 4 years apart in age. I could do with more decorum, as I've been learning over the past 4 years.
This is presuming that such fear is always the input to a conscious decision. That doesn't fit my observations of human nature. Power relationships always have some bearing on the nature of an interaction, so what you're saying is comparable to telling an aquatic species that they're wet.
Also, going by what you say, you should have more respect for those who tell truth to power, or tell their more famous/more highly regarded colleagues the plain truth. Perhaps tptacek should be more humble because he's more famous, but if it comes to the choice of him being frustrated by widespread crypto cluelessness or by a desire to dominate others, I think the former makes far more sense.
Regarding tptacek, I suspect that if he had sent this to the author, or posted it as a formal review, he would have toned down the description of his reactions. I'm not sure where this review came from, but my impression is that he did not think of it as a published review that the author would see. Certainly doing such would be advisable, as people are more receptive to criticism that way.
Perhaps I am wrong regarding how tptacek would have responded had he known the review would be, essentially, published. But I know I phrase things differently in such situations.
A better way of apologizing is actually apologizing. The young man's reaction was more like exasperation that I should have been put out.
My impression is that the comment was/is a comment on social media. My comment was written in that context.
Why hurt someone when you can avoid it?
Having said that: had I written the "review" as an actual "review", and not as an oversized HN comment that I had to make a Gist out of to get it onto the site, I would have written it more carefully.
As long as criticism doesn't cross the "bright lines" of ad hominem or gratuitous ridicule, as a third party reader, I much prefer the targets toughen up, rather than the critics soften their language. And there are way more third-party readers than critics or their targets.
My hypothesis is that people expect text that has no obvious signs of being an Internet comment to use the more 'serious' language and this case (an Internet comment that is a bit longer than usual) is being classified wrongly as a result.
It's ridiculous to simultaneously say that a piece of writing devoid of context is being classified in a certain way and to say that it contains that's inappropriate for that classification.
The mere presence of phrases like "I am not making this up" tells you that this piece is not intended to be too serious. To say that it's intended seriously but contains non-serious language is a flat-out contradiction.
It could make sense if it was published in some context, like a serious blog or a news site or something, which implied seriousness. But it's a naked text file on the internet. It doesn't have to take a serious tone.
That said, it's funny that most of these rants aren't ad hominem, unlike some of the "formatted" vitriol which attacks you without really seeming to do so.
Someone should watch EEVBLOG on Youtube, Dave Jones does reviews and teardowns of electronics.
There was a rant over PICKit3 where he voiced his frustrations with the new device (that wasn't better than the old one, and took out nice features, replaced things that worked perfectly with things that were sort of dumb) which triggered Microchip to answer with a funny video of their own.
Your tale about the boy ... Arrrghh! I don't want to go off topic, but man, I think nothing gets diluted more than values each year. Well, except shares of a startup once VCs get in.
The "I am not making this up" thing came in the context of recommending ASN.1 for instance. If that were a chess match commentary, this is where the scorekeeper would have put a "??" after the move to note the shock.
And note what tptacek's comment was not: It wasn't a bunch of personal attacks, or swearing. Some of the commentary was "more than professional", to be sure, but that's exactly the kind of commentary you should hope to get in highly-demanding, highly-selective fields.
You want to know what a perfect book review would look like in the Navy's nuclear propulsion program? It would be this: "No deficiencies noted."
I agree that it wasn't especially bad, it could just be worded a bit better to spare feelings.
Tptacek could have chosen to say that differently, but it does add value as written. I have no idea what ASN.1 is; simply telling me that the book contains that string doesn't mean anything to me. Telling me that it was a stupid thing to say doesn't teach me about ASN.1 or crypto, but it does teach me about the book.
When working through basic knowledge to mastery of a topic, attempting to teach someone else is an extremely effective way to organize your thoughts and learn yourself. This is why graduate students teach undergraduate students.
The author of the original book shouldn't feel shame for making the mistake of working toward mastery of the topic. But racing to publish is dangerous when the topic is as serious as (heart surgery or) cryptography. A stern warning is worth repeating.
Most of us already read the review anyway.
while the factual content of tptacek's review may be spot on, his overall tone is very negative and smacks of "only experts allowed" logic. while he could have easily helped improve kyle's book and shared these comments privately, he instead chose to lambast kyle publicly, which doesn't really help anybody: tptacek looks like a total jerk and kyle now has a lot of negative attention on (this version of) his book.
this pervasive "experts only" attitude is a big part of why "secure" open source projects have hard times getting and keeping contributors. it is par for the course for people to be super rude and negative to new participants instead of trying to encourage them to improve and learn. this lack of contributors then has a whole array of negative secondary effects, like less people reading the code for the project.
If the author instead put together a book on how a layperson could perform open-heart surgery, you're damn right that actual surgeons would jump all over it.
There is some strange pervasive attitude/arrogance in tech that all it takes to be good at something is to be smart and give it a try. Why learn the theory/fundamentals when you can just start coding?
For building a web app, sure. But security is not one of those things. You actually need to learn the fundamentals and theory, and even then, need lots of experience.
1: Don't implement features you don't need. Nobody needs TLS heartbeat. Nobody. Don't implement it until you have a use case and the calling code in hand.
2: Test the features you do implement. What happens if this field is the minimum? The maximum? A power of 2? A power of 2, less 1? Negative when treated as signed?
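The boundary cases listed in item 2, applied to the length field of a heartbeat-style message, as an added example that is not part of the original thread. The record layout follows RFC 6520; the function names and the sample payload are constructed for illustration.

```python
import struct

MIN_PADDING = 16  # RFC 6520 requires at least 16 bytes of padding


def parse_heartbeat(record: bytes) -> bytes:
    """Return the payload of a heartbeat-style message or raise ValueError.

    Layout: type (1 byte) | payload_length (uint16, big-endian) | payload | padding
    """
    if len(record) < 3 + MIN_PADDING:
        raise ValueError("record shorter than header plus minimum padding")
    _msg_type, claimed = struct.unpack_from(">BH", record, 0)
    # The claimed length must fit inside the bytes actually received.
    if 3 + claimed + MIN_PADDING > len(record):
        raise ValueError("payload_length exceeds record size")
    return record[3:3 + claimed]


def boundary_values(bits: int = 16) -> list[int]:
    """Minimum, maximum, powers of 2 and their neighbours for an unsigned field."""
    top = (1 << bits) - 1
    vals = {0, 1, top - 1, top}
    for k in range(1, bits):
        vals.update({(1 << k) - 1, 1 << k, (1 << k) + 1})
    # 1 << (bits - 1) is the first value that is negative when read as signed.
    return sorted(v for v in vals if 0 <= v <= top)


def build_record(claimed: int, actual_payload: bytes) -> bytes:
    """Build a record whose length field may disagree with its real payload."""
    return struct.pack(">BH", 1, claimed) + actual_payload + b"\x00" * MIN_PADDING


def run_boundary_tests(actual_len: int = 64) -> dict:
    """Feed every boundary value to the parser; sort them by outcome."""
    payload = bytes(range(actual_len))  # constructed sample payload
    accepted, rejected = [], []
    for claimed in boundary_values():
        try:
            out = parse_heartbeat(build_record(claimed, payload))
        except ValueError:
            rejected.append(claimed)
            continue
        # An accepted message must never return bytes beyond what was sent.
        assert out == payload[:claimed]
        accepted.append(claimed)
    return {"accepted": accepted, "rejected": rejected}


if __name__ == "__main__":
    result = run_boundary_tests()
    print("largest accepted length:", max(result["accepted"]))
    print("smallest rejected length:", min(result["rejected"]))
```
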
Maybe the tone could have been a little softer, but this should not have been done privately. The criticism of the work needs to be just as public as the work itself, so that people who might have been misled have a chance to see why.
And we, of the Internet age, should be shocked to learn this is no longer true! Eric Drexler once proposed that hypertext would save the world by allowing such peer review. Just what are we collectively missing when it comes to crypto?
That doesn't apply for a book. Keeping the critique private for a week doesn't help the readers at all. In fact it harms them by keeping incorrect information in play and uncorrected for longer. Perhaps it softens the blow to the author's ego, but that is not at all what "responsible disclosure" is about. Helping out misinformed readers takes precedence over the author.
That all said, I still think we can treat each other better. Honest question: was it necessary to destroy it in such detail? Was it necessary for the effort of attack on the "crypto box" front? It seemed personal.
 Contacting the author first doesn't necessarily preclude timely notice "this book is flawed" out to readers.
If tptacek hadn't destroyed it in such detail, his review would have consisted of saying "Hey, this book is pretty bad; it's got some very serious issues, and makes some pretty terrible or misleading recommendations. My suggestion: do not read it".
Would that be better? Or would you be complaining that "Well geeze, it's not helpful to say that the book isn't good; you have to go into some detail about what the problems are so that everybody can learn!"
The idea of asking for LESS DETAIL in a criticism of a topic is bizarre. How much detail would you prefer?
I really truly cannot understand the critique of an "experts only" attitude when it comes to technical books that make important recommendations for building critical systems. By all means, non-experts should experiment and build and learn. But non-experts definitely should not be giving out large quantities of advice in an authoritative tone.
It helps people who might have read the book and learned to do things the wrong way.
We can model this as "Kyle has disseminated harmful material, and tptacek is trying to contain the damage". Kyle's feelings, intentions, and hard work aren't irrelevant; but they're not what we should be focusing on.
Publishing a book like this sends a strong public signal of deep expertise.
I have not found tptacek to be overly rude or negative when offering advice to journeyman cryptologists. But a journeyperson should not necessarily be publicizing their how-to guides yet.
Here, your attitude causes two problems.
First, you know and apparently like Kyle Isom, and so I presume you're also ready to tell me that he's an adult and a professional. Professionals do one of three things with criticism: ignore it, rebut it, or learn from it. My assumption has been that Kyle is choosing options (1) and (3) from that list. But here you are, inventing option (4): "get indignant about it". I wonder if you've thought about the extent to which people will attribute that response not to you, but to Isom.
Second, whatever you might think about the tone of my feedback, it's clear that Isom needs additional technical review for his book. Whipping up a totally unproductive us-versus-them narrative about "jerks" versus "open source" does the opposite: it generates drama. Even if you think my review was itself dramatic, piling more drama on doesn't make Isom's work more attractive to experts.
I'm not sure how big of a deal either of these issues are, but they're a bad habit for message board denizens. The exact same thing happened to Willem when he wrote his critique of the Akamai allocator, and Hacker News had a totally unproductive drama storm for a couple hours before Akamai (a) thanked Willem and (b) acknowledged that he was absolutely correct. Read the Akamai comments on the HN thread, and apply them here, substituting "Kyle Isom" for "Akamai", and I think you'll see that they apply.
Finally, I'll admit to being personally irritated by the claim that I operate from "experts only" logic with regards to cryptography. There are at last count something like twelve thousand people who have reached out to us for our free crypto challenges, and thousands of those people have gone on to solve multiple sets of challenges (something like 60 people have finished the first 6). Every damn one of those people is an email exchange that me, Sean, or Marcin had to have directly, on our own time, with no compensation --- the opposite of compensation, in fact, because we donate to charity when people finish them.
There are a lot of people on the Internet to whom you could direct the "experts only elitism" criticism regarding crypto. I am not one of them.
What's more annoying about that bogus critique is how it muddles a real issue. I'd like many more people to understand crypto and, particularly, what goes wrong when it's implemented naively. But I'd like far fewer people to plow ahead and implement their own broken stuff. The track record on amateur cryptography is bad, and what developers don't like to acknowledge is that the badness that work generates is an externality to them. People have in the real world been hurt, physically, because of broken amateur crypto. It is hard for me to take the hurt feelings of developers all that seriously by comparison.
The accusation of elitism on your part is not a new one, I don't think, to you - I found myself levying the same accusation when you decided to single out the CryptoCat project as a distinctly "bad" project, due to the number of issues that came up during the most recent security review, despite the fact that it's one of a very select group of open source projects even undergoing such reviews.
You say things like, "amateur cryptography" when it makes little to no sense. This book wasn't written for free, it was actually professional crypto, even if it had fundamental problems; it's bad crypto, not amateur crypto. When you do things like that, it comes off as elitism, whether or not you're intending it to.
Your criticisms of the book are indeed valid, but the obvious derision you apply when calling professional efforts such as this book and Cryptocat "amateur" is precisely the kind of behavior and attitude that keeps the state of crypto so backwards and slow, and is exactly the kind of drama you (correctly) lambasted earlier in this comment chain.
Sometimes expertise is actually required.
Not to mention the need to have to filter through all the BS criticism. I've read people arguing that there was no issue in having the e in RSA (the public exponent) equal to 1. Really.
It eludes me how you turn someone's terrible custom crypto into a parable about how we should be nicer to custom crypto.
Briefly, I was doing a single RSA encryption on the client and corresponding RSA decryption on the server as part of a login procedure, and using e=3 (which, at the time, was considered acceptable by most experts). Due to licensing issues the client code had to be all ours, so I was using an old arbitrary precision integer library I had written years before. It was not super fast. The multiplication wasn't too bad (Karatsuba), but division was the classical division algorithm. On the server there were no licensing issues, and I was using gmp.
So I had this "brilliant" realization. Why not do the division ON THE SERVER? The client could simply compute M^3 and send that to the server. The message would be 3 times longer but bandwidth was cheap. The server could then do the modular reduction.
I quickly made the change to the client and then started to revise the server code, when it occurred to me that since the client had made no use whatsoever of the modulus there must be a way to decrypt the message without using the modulus--like by just taking the cube root. Doh!
There's an interesting real-world RSA bug related to yours: in the absence of proper padding, it's possible that e=3 RSA of a small plaintext might not wrap the modulus. A similar cube root operation produces a signature that naive implementations (the ones that check the digest embedded in a signature block, but not the padding) will validate, despite the attacker lacking the signing key. That bug bit Firefox's NSS library; for a little while, it was possible to use a short Python script to forge any certificate.
(That bug is due to Bleichenbacher, who called it a "pencil-and-paper" attack in the rump session he presented it in).
e=3 RSA isn't insecure per se, but it does magnify the impact of other vulnerabilities, and so it's best avoided.
As my literal not-making-this-up favorite HN commenter and someone who has previously expressed an interest in crypto, I'd love it if sometime you could take some time to demolish our crypto challenges. I'd be happy to send them all at once to you.
 by "theory" I mean vigorous and convincing hand waving and white board diagramming...
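The e=3 observation from the comments above (a small unpadded plaintext cubed never wraps the modulus, so the integer cube root returns it without the key), as an added example that is not part of the original thread. The key is a constructed toy built from two well-known special-form primes, and `full_width_encode` is only a layout stand-in for real padding such as OAEP from a vetted library.

```python
import os

# Constructed toy key: never use special-form primes like these for real RSA.
# Both primes are 2 mod 3, so e = 3 is a valid public exponent.
P = 2**130 - 5
Q = 2**448 - 2**224 - 1
N, E = P * Q, 3
D = pow(E, -1, (P - 1) * (Q - 1))


def icbrt(n: int) -> int:
    """Largest integer r with r**3 <= n (binary search, exact for big ints)."""
    lo, hi = 0, 1 << ((n.bit_length() + 2) // 3 + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** 3 <= n:
            lo = mid
        else:
            hi = mid - 1
    return lo


def wraps_modulus(m: int, e: int = E, n: int = N) -> bool:
    """True if m**e is at least n, i.e. the modular reduction does something."""
    return m ** e >= n


def recover_without_key(c: int):
    """Return m if c is a perfect cube (m**3 never wrapped N), else None."""
    r = icbrt(c)
    return r if r ** 3 == c else None


def full_width_encode(msg: bytes, n: int = N) -> int:
    """Stand-in for real padding: 0x00 0x02 | non-zero random filler | 0x00 | msg."""
    k = (n.bit_length() + 7) // 8
    fill_len = k - 3 - len(msg)
    if fill_len < 8:
        raise ValueError("message too long for this modulus")
    filler = bytes(b % 255 + 1 for b in os.urandom(fill_len))
    return int.from_bytes(b"\x00\x02" + filler + b"\x00" + msg, "big")


if __name__ == "__main__":
    msg = b"session-key-0001"  # constructed 16-byte sample plaintext
    small = int.from_bytes(msg, "big")
    c_small = pow(small, E, N)
    print("unpadded wraps modulus:", wraps_modulus(small))
    print("recovered without key:", recover_without_key(c_small) == small)

    wide = full_width_encode(msg)
    c_wide = pow(wide, E, N)
    print("full-width wraps modulus:", wraps_modulus(wide))
    print("recovered without key:", recover_without_key(c_wide) is not None)
    print("private key still decrypts:", pow(c_wide, D, N) == wide)
```
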