"i, the CEO of <SecureMessenger>, can tell you that we are not incompetent when it comes to fixing cryptographic vulnerabilities. We simply decided to ship them knowingly in our product after writing them, and never telling anyone in the ecosystem who relies on our code."