Hacker News new | comments | show | ask | jobs | submit login

There isn't a whole lot. I think removing some of the emotional language would help. I prefer my technical articles to be a "just the facts, ma'am" and make an effort to write that way myself. I think it could also have benefitted from some additional explanation of the right way, beyond just pointing out the wrong way. For example, I would love to have seen a brief explanation of why hash functions aren't MACs, and why MAC-then-encrypt is the wrong way to do things. I already have a basic familiarity with that (at least partially from some of your previous comments), but I'm sure your explanation would at the very least help cement the ideas in my mind, and probably teach me something new.

That said, I want to point out that I think your review was excellent and it's the kind of thing I love coming across. It many ways, it reminds me of the heyday of Usenet. It's great content and it doesn't need to be better. To the extent that it can be better, it's because nearly any work can be made better with additional effort.

Personally I like the emotional language, because it lets someone slightly less familiar with the field get a sense of how bad each thing is.

A purely "just the facts" version might need a "how bad on a scale of 1-10" or something to get the same information across, and would be less readable.

This is a profound signalling problem. The people who should be most concerned that their data could "have a widespread failure of referential integrity" are sometimes the first to have their eyes glaze over at hearing about it.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact