Crypto Wall of Shame :(

Here I will post anything suggesting bad crypto who's authors didn't respond 4 weeks after I pointed out the bad suggestions. Then I will link to an alternative I found or wrote.

Follow on twitter: @CryptoShaming [0]

Responds and corrections so far: *2* :)

insecure sources and/or binary distribution

Yes, this seems to be very common, but I have to start somewhere.
Sources or binaries are too often offered by insecure download via http without providing checksums.

Kitware (cmake)

Insecure sources and binaries download here: [5]

I contacted them 20150812 and didn't get any answer.


There is a repo on github [6]. (libconfig)

Right here: [4]

As there isn't any contact info I could find in a reasonable amount of time, I'm posting this here right away.


There is a repo on github [1].

Unfortunately it lacks some files to build. As a workaround I added those from the tarball on their homepage

They now added the missing files to build it [3]. I applied the commit to a fork of v1.5: [2]