1. 23
  1.  

  2. 1

    This is kind of the mindset that people in crypto are so vocally opposed to.

    “I did Cryptopals and I follow people on crypto twitter so I thought I could reverse this thing…”

    Ugh. Interesting things in the article, but yeah. Concerning mindset.

    1. 28

      What? What’s concerning about someone having a go at reversing something? Who is so opposed to people trying out new skills?

      1. 11

        To this point, I have always heard the advice around crypto as “don’t roll your own crypto systems until you have significant experience breaking others” - so I’m not sure at all why this should be a concerning mindset.

      2. 10

        Er, why? Actually I think this person is fantastic.

        • Knows they’re in over their head a bit
        • Isn’t intimidated by a weird complicated system
        • Takes a methodical approach to pulling it apart, showing a grasp of principles
        • Sticks to it and succeeds
        • Knows that success in reversing crypto doesn’t mean you should roll your own
        • Ultimately decides to do something smarter
        • But learns a bunch along the way

        Beats 99% of the folks I see on the interweb.

        1. 8

          The paragraph is just telling you what credentials they have. It’s right before the sentence “I’ve had a little exposure to both cryptography and Javascript, but I’m definitely not a wizard at any of this stuff” and it’s right before they say (non-quote) “buuuuuut it wasn’t actually that hard”. The fact that it’s not a degree in cryptography is the point of that whole paragraph.

          1. 6

            There’s nothing wrong with being curious. They even decide at the very end that continuing would be foolish, and they decided to go with SSH.

            1. 3

              … and this is why mere programmers have the overwhelming impression that cryptography is “not for them”