Hacker News new | comments | show | ask | jobs | submit login

Sure, it's irrelevant. It adds some color, but it's unnecessary. But who cares? The complaints are not "this writing could be tighter, it wastes words on unnecessary side notes." They are, "oh my god you're hurting this poor fellow's self esteem with your tone!"

It's ironic that these critiques of this review are much dumber than the review's critiques of the book, and implicitly hold a fairly off-the-cuff internet comment to far higher standards than a published book that purports to give important and useful advice about cryptography.

Could this review be better? Sure. But who cares?

Out of curiosity, how could it have been better?

There isn't a whole lot. I think removing some of the emotional language would help. I prefer my technical articles to be a "just the facts, ma'am" and make an effort to write that way myself. I think it could also have benefitted from some additional explanation of the right way, beyond just pointing out the wrong way. For example, I would love to have seen a brief explanation of why hash functions aren't MACs, and why MAC-then-encrypt is the wrong way to do things. I already have a basic familiarity with that (at least partially from some of your previous comments), but I'm sure your explanation would at the very least help cement the ideas in my mind, and probably teach me something new.

That said, I want to point out that I think your review was excellent and it's the kind of thing I love coming across. It many ways, it reminds me of the heyday of Usenet. It's great content and it doesn't need to be better. To the extent that it can be better, it's because nearly any work can be made better with additional effort.

Personally I like the emotional language, because it lets someone slightly less familiar with the field get a sense of how bad each thing is.

A purely "just the facts" version might need a "how bad on a scale of 1-10" or something to get the same information across, and would be less readable.

This is a profound signalling problem. The people who should be most concerned that their data could "have a widespread failure of referential integrity" are sometimes the first to have their eyes glaze over at hearing about it.

That's pretty much a TL;DR of what I was saying in the post you responded to (note the last paragraph).

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact