On Tue, 4 Aug 2009, [email protected] wrote:
Yes, but a wise man without a PR agent doesn't do the *rest* of the community much good. A Morris or Bernstein may *see* the problem a decade before, but it may take a Mitnick or Kaminsky to make the *rest* of us able to see it...
Same thing to get the industry to scramble to get rid of MD5 in SSL-certs, known for a long time, when it was shown to be practical it didn't take that long to get rid of.
People want proof, not theory. -- Mikael Abrahamsson email: [email protected]
