Posting a news article without context or response from Veracode is weak. Chris Wysopal stated the static crypto checks were run to check if the API's were implemented correctly, not implementation of custom keygen.
On Friday, September 6, 2013, Maxim Kammerer wrote: > On Thu, Sep 5, 2013 at 4:48 AM, Tom O <[email protected]<javascript:;>> > wrote: > > Veracode will gladly pwn you. > > > https://blog.crypto.cat/2013/02/cryptocat-passes-security-audit-with-flying-colors/ > http://tobtu.com/decryptocat-old.php > > -- > Maxim Kammerer > Liberté Linux: http://dee.su/liberte > -- > Liberationtech is a public list whose archives are searchable on Google. > Violations of list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. > Unsubscribe, change to digest, or change password by emailing moderator at > [email protected] <javascript:;>. >
-- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
