Having worked for those multinationals and defense contractors, I've seen them buy new products with serious weaknesses in key generation, with year 2000 problems, with stream ciphers used to protect stored data--keyed the same way each time. I've seen them use code that sent cleartext where it should have been encrypting on the wire.
I second this. The pitiful state of "secure code" is shocking. (Actually, I just wrote an essay on the topic. Get a copy for yourself at: http://www.counterpane.com/pitfalls.html.) Bruce ************************************************************************** * Bruce Schneier For information on APPLIED CRYPTOGRAPHY * Counterpane Systems 2nd EDITION (15% discount and errata), * schneier@counterpane.com Counterpane Systems's consulting services, * http://www.counterpane.com/ or the Blowfish algorithm, see my website. **************************************************************************