Somebody just told you about a vulnerability in your code. Moreover, they published a paper about it. Even worse, people have been very vocal about it.
What can you do now? The usual (and natural) reaction is to downplay the vulnerability, and try to keep it confidential. After all, publishing a vuln will make your users unsafe, and it is bad publicity for your project, right?

From now on, I am an independent geek! After nearly 2 years at Login People, I am jumping out in the sea to work for myself.

Following LinkedIn's large password leak, I have seen a dangerous thought spread to friends and colleagues:
"so what if my LinkedIn password has leaked? What can they do? Look for a job for me?"

We already have lots of tools to communicate safely, and in some cases, anonymously. These tools work well for their purpose, but spying and law enforcement tools have also improved.

Sort of. Here is a way to do it, but I don't a practical use for this hack right now. But it is fun anyway :)