What's so funny? WAS Re: rotor replacement

phr at localhost.localdomain phr at localhost.localdomain
Mon Jan 24 21:10:57 EST 2005

James Stroud <jstroud at mbi.ucla.edu> writes:
> Applications that lack features force users to accept a limited feature
> set or they use an alternative program with other limitations. Putting
> the possibility for cryptographic storage increases the utility of any
> application that stores data, and it could be done without much work if
> it were properly included in the core distribution. I have found it
> amazing how few programs include encryption as an option. I believe this
> is because its hard for programmers to include it and/or they falsely
> reason that "if I don't need it, the user doesn't", which is up there
> with "if I can't see them, then they can't see me" in terms of bad logic.

The likely-best-known Python application in the world (probably more
people have heard of it than have heard of Python) originally had
crypto (an AES module distributed as a C extension with the beta test
versions of the app) but the crypto was brutally ripped out of the
application for the final release (you can still see scar tissue in
the code where the crypto was, i.e., there's still a function called
something like "encrypt_packet" which no longer actually encrypts the
packet).  I haven't found out exactly why the crypto was removed so I
can't be certain that it's because of cross-platform installation
headaches.  I do know that its author wanted an AES module in the core
to use for that application, in order to not have to distribute a C
extension, and he did some of the early work with me on writing such a
module to submit for that purpose.  The module I ended up proposing is
an offshoot of that effort.

More information about the Python-list mailing list