This blog is reserved for more serious things, and ordinarily I wouldn’t spend time on questions like the above. But much as I’d like to spend my time writing about exciting topics, som…
One of the most important rules of cybersecurity is: never roll your own encryption.
And what did the guys at Telegram do? Rolled their own encryption.
If you are into Telegram because you think it’s secure, think again.
There are much better alternatives out there, adopting proved industry standards. Signal or Matrix just to name a few.
‘Rolling your own…’ is a comparison to rolling your own cigarettes. That is, creating your own version from scratch instead of using something ready-made.
No, it’s not the rule itself. It’s rather an advice not to do as rolling own crypto is very tricky and complicated thing. You have to be very aware of many possible attacks, how they do work, to create own crypto properly
One of the most important rules of cybersecurity is: never roll your own encryption.
And what did the guys at Telegram do? Rolled their own encryption.
If you are into Telegram because you think it’s secure, think again. There are much better alternatives out there, adopting proved industry standards. Signal or Matrix just to name a few.
What does ‘rolling encryption’ mean (if it’s possible to ELI15).
OP probably meant “to roll out”, meaning: “to deploy”.
Nah, it’s I guess jargon at this point, but it really just means to make up your own crypto algos.
‘Rolling your own…’ is a comparison to rolling your own cigarettes. That is, creating your own version from scratch instead of using something ready-made.
No, it’s not the rule itself. It’s rather an advice not to do as rolling own crypto is very tricky and complicated thing. You have to be very aware of many possible attacks, how they do work, to create own crypto properly
More like “don’t roll your own crypto unless you’re ready to spend years getting it scrutinized and polished”.