1. 5

  2. 3

    When I was a teenager I got pretty excited when I realized that classical public key algorithms and things like Diffie–Hellman key exchange are really easy to turn into code - in a simple, don’t-rely-on-it-for-anything kind of way. I think it would be a really eye-opening thing to do that in school, potentially even in schools that don’t really go into computer science, maybe even as math. I don’t mean getting a secure version, but it would both take away that shroud that almost makes it look mystic, and get people to understand the basic concepts of something that they nowadays interact with constantly.

    Of course care should be taken to make sure that a lot of additional things need to be considered to create something you want to use, but I think that is kind of the same in physics and chemistry classes, so I think it should work for cryptography as well.

    And when that is covered it can be combined with some security-related topics, such as choosing secure passphrases, and what can happen with password reuse. I can imagine that these things, when they are taught at a young enough age, before people start to drop out of school, would in most situations really help a great deal with the day-to-day “X has been hacked” scenarios. Right now companies have people come there every few months or years to get everyone up to speed when it should really be something for everyone using a device connected to the internet.

    On a related note, I’m often pretty shocked to find senior developers not knowing the definition of public key cryptography and private and public keys. Randomly pasting private keys everywhere is the next step. But then I don’t know whether that’s more shocking than the number of people I’ve seen re-trying commands with sudo without even reading the error, obviously not knowing what they are doing. And while I can imagine specific areas where that might not be something they deal with, I certainly don’t think that’s okay for most people, because whether you have a web or a mobile app you are pretty much forced to use it in one way or another. If everyone learns in physics the basics of how a motor works, I think everyone should learn how security and cryptography work. If it burns down some of the security bullshit/theater/snake oil business models, even better!