Real talk: are people saying they wanted this to be secure? If we are going to d... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		saurik on Nov 27, 2021 \| parent \| context \| favorite \| on: I faked tons of Covid passes – “Weak Key Cryptogra... Real talk: are people saying they wanted this to be secure? If we are going to do this "vaccine paperwork to do anything" regime, I wouldn't want it to be some super secure mechanism that had digital proof of personhood provided by some government entity with an unhackable key! This key size frankly seems like the perfect balance: it took some months for someone to get around to breaking it, and then it took some months for a service that used that cracked key to become popular enough to make a real impact on safety, and maybe maybe just maybe soon we won't need this anymore, and none of these existing digital records will be trustable... and, if we are stuck doing this for another year, we should roll another weak key. (If nothing else, if you make an actually secure mechanism that ties a person to their vaccine record with a signature, you just know that tomorrow some WorldCoin-like company is going to try to use it for some stupid crypto "airdrop" ;P.)

barbazoo on Nov 27, 2021 [–]

Why though when it's very little effort to use a stronger key? What's the downside?

walterbell on Nov 27, 2021 | [–]

Dystopian sci-fi is for mental immunization, not emulation.

closeparen on Nov 27, 2021 | | | [–]

Dystopian sci-fi is when carefully crafted internet memes convince people to kill themselves and each other en masse. We're well past that point.

barbazoo on Nov 27, 2021 | | | [–]

What do you mean by that?

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact