
NIST, whose guidelines, somehow, even other federal departments and agencies usually don’t follow.

NIST has very good password complexity and management guidelines. Just USE THEM! It’s not that hard!

How do you have billion-dollar companies that can’t RTFM?




NIST whose guidelines are admissible in court and a competent judge will take over expert testimony. (an expert witness who says something that contradicts these guidelines is guilty of perjury, though good luck persecuting that)


The rules of evidence govern what is admissible in court and I don’t recall any rule pertaining to NIST guidelines. I think what you might mean is that the guidelines are a learned treatise which, while it would be hearsay for me or you to quote as a fact witness, is nevertheless something an expert witness can refer to.


Perjury is lying under oath, not disagreeing with government guidelines.


On one hand, I agree that just disagreeing with a guideline isn’t perjury. Especially in a case like this where lots of the industry still uses the old (bad, imo) plan.

On the other, an expert witness has specifically represented themselves to be an expert. Is there any level of incompetence that rises to the level of perjury in that case? IMO there ought to be.


That would be argued in cross-examination. A witness can be shown to be not a good witness. Perjury is very specific to knowingly lying while testifying under oath. We really don't want to expand it to areas of ignorance or disagreement; that way would stop people from testifying entirely.


An expert is someone who claims to know though, and thus if they say something that contradicts established facts they are lying under oath.


This is not even near the truth. An expert (under Daubert) is someone who convinces the court they can say something relevant and reliable based on a technique that passes a test concerning:

Whether the technique or theory in question can be, and has been tested;
Whether it has been subjected to publication and peer review;
Its known or potential error rate;
The existence and maintenance of standards controlling its operation; and
Whether it has attracted widespread acceptance within a relevant scientific community.

The expert does not “know.” The expert is the only witness who can give an opinion, more or less. Because the opinion is backed up by something, the court considers it useful.

The technique they use is what’s important, not whether their opinion contradicts a fact. I think you will find in many expert trials, two experts get the same facts and come to two completely contradictory opinions, neither of which is perjury.


Are there any examples of the former that you know of? Or is this just optimism?



