Hacker News new | past | comments | ask | show | jobs | submit login

If you're adding encryption support, you're likely adding openssl which brings hundreds of cryptographic primitives you're not going to use. Are you lazy because you didn't write your own RSA? (you can do it in ~3 functions)

That generalisation didn't work well, because as you say - it's about tradeoffs.




I can’t implement RSA in the amount of time it takes me to Google the name of an RSA library.

I can implement left pad faster than it would take me to Google the name of the library, check whether it actually does what I want and then add it to my package manifest as a dependency.


The amount of work needed to write a secure implementation of RSA (you would surely need a library like gmp to handle big numbers) is not worth my time, I would gladly trade that against some download/compilation time.

The same goes for efficient map/reduce framework or even a key/value database (what's wrong with using BerkleyDB/SQLite instead of writing your own storage format?).

I need to serialize user-supplied data ? I'm gonna use a library that will handle edge cases I can't think about.

But I'm not gonna use SpringBoot only for its logging facility, or Django only for its ORM, or a BNF parser generator to parse "hello world".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: