In crypto, the "crypto" is the hard part. But now in the space of two weeks we see that folks maintaining the crypto in C can't handle return values.<p>As an industry we have accepted that these libraries are the standard plumbing of security for many years.<p>And they are obviously <i>based</i> on standards.<p>Some <i>other</i> standards are continuous and automated testing to ensure broken code does not make it to production.<p>The last two weeks of Apple and now GNU not being able to competently handle return values in C shows that:<p>They don't have automated testing in place for critical security code. (Anything?)<p>They don't have maintainers in place who understand their own c code.<p>Consumers of SSL code believe in acronym security which does not exist.<p>As an industry since we cannot control the shoddy practices of distributors of security code we must minimally require proof of open transparent automated tests which can be verified by a third party before using any vendors encryption.<p>Goodnight. And may the force "goto" you.