In addition, merely having been a systems hacker hardly qualifies one for writing complex crypto software. Without any assurance as to the authors' qualifications for writing a crypto package, or their integrity. Even if I could trust their integrity, I'm very leery of black-box software.
You seem to know something about them that I do not. Care to share your knowledge? Thanx in advance.
Oh, come on. Every decent cryptoweenie knows that you don't trust black box cryptography software. Most amateurs (and the average person writing crypto code is NOT a professional cryptographer) have no idea of what they are doing and produce crap. If you don't know how the program you are buying works, odds are that its one of the majority of programs, i.e. its crap. Throughout the last two thousand years, fools, often individuals who were otherwise rather intelligent, have repeatedly invented new cryptosystems over and over again which were completely worthless. Indeed, virtually everyone thinks that they know enough to build a new cryptosystem -- and virtually no one has bothered to learn how real cryptosystems are broken. This even bites the best of us. Phil Zimmermann tells the story of how he once invented a cryptosystem only to open up a college text on cryptography and see that the problem of breaking his new cryptosystem was so trivial that it was a homework exercise at the end of the first chapter. I, for one, will never use any crypto system for which the algorithm hasn't been extensively published and scrutinized. Perry