I stumbled across a pretty fantastic comment the other day on Hacker News that I wanted to share. The comment was in response to an article on GPG (GNU Privacy Guard) posted by an encryption expert. The encryption expert explained that he felt it was vitally important that someone create a more usable successor to GPG. Here’s user sillysaurus’s response to this idea:
You know you’re one of only a few people in the world who is in a position to do that, right? Anyone else would (rightfully!) get torn to shreds on HN by tptacek or yourself. And I say “rightfully” because it is very likely that other people would screw up some central aspect to the security of any new product that claims security.
It’s not just that, though. Anyone else with your knowledge but no standing would be scorched for saying what you just said. “Throw away the one thing that has proven to be secure and write our own protocol” doesn’t go hand in hand with “serious cryptographers trust what this person is saying.”
The truth is probably that either you do this or nobody will.
You should. The world would be better for it.
I love this comment because it’s such an earnest plea to stop kicking the can down the road. Too often, no one else ever gets around to the task. No one else is more qualified than you are, right now. So stop complaining or get to work.
For those who want to read more, here’s a link to the full Hacker News post.