Anyone more qualified than me (read: nearly everyone on this list) wish to comment on this analysis of a crypto-related vulnerability disclosure in LastPass? http://tobtu.com/lastpass.php -- @kylemaxwell