@mattblaze@federate.social
Anyway, my intent in looking at locks and publishing my paper wasn't to disrupt the lock industry. I believed, as I still do, that mechanical locks and physical security have quite a bit to teach computing, but also that the abstract techniques of cryptography and computer security can illuminate weaknesses that are hard to see when looking at systems in strictly mechanical terms.
My attack is intuitive and obvious to cryptographers, but rather subtle without our field's tools.
6/
@carlmalamud@official.resource.org
@mattblaze@federate.social I had a similar experience in an unrelated area (except, of course, that it was @jswatz@journa.host who also wrote it up). After downloading district court records, we discovered a large number of bugs: disclosure of names of minor children, of confidential informants, of medical records, and tons of SSNs and other IDs. The courts went ballistic; they were convinced that the PACER paywall was protecting privacy and by disclosing the bug, I had blown their cover.