From tptacek's comment, it sounds like the author of the book may just be an inexperienced practitioner of cryptography who's only crime is to be too eager to spread what they've learned.
Someone who picked up the basics from a few Wikipedia articles here, a few papers there, a couple open source projects here and there... they're smart, so they're not completely clueless about the field, but they just don't have the experience to see where they fall short, the industry know-how, and so on.
I feel like instances of this in the tech community are not too rare, and it's a consequence of the internet: anyone can publish a book and distribute it all over the world now. It's worth keeping in mind that while harm is being done through the spread of false information, what's most important is to educate them, see this as a teachable moment, so they can become productive experts and modify their message to be fully correct. Of course, it requires them to be open minded of their shortcomings: but it can be done.
PS: I have no clue who the author of Practical Cryptography With Go is.
An "inexperienced practitioner of cryptography" should not be writing a book about cryptography. It's great that such a person is learning, but you shouldn't be trying to pass on such information at that stage.
Remember that being wrong about something feels exactly the same as being right about something, so (extending "being wrong" to "being ignorant") unless somebody tells them they won't know they still have stuff to learn.
>Remember that being wrong about something feels exactly the same as being right about something
Not if you extend being wrong to being ignorant, no. When you're right about something in the sense of not being ignorant, you understand all the discussions and news easily, you know exactly what everyone is talking about, including reading academic articles on the subject, etc. When you're wrong about something your wrongness butts up against the correct model again and a gain and you're often left confused or unable to understand the actions, discussions, arguments, and conclusions, of others. (As opposed to seeing specific places they are wrong.) You can feel this lack of understanding. It just doesn't feel the same way as properly understanding a subject at all.
I would argue that this review is saying that the author's understanding falls a little short of par for the course. The author would probably have had a chance to see this for themselves by getting a little more into the literature.
As bad as it may seem I've found that saying incorrect things results in more learning than staying quiet so I often say incorrect things but things I think are true. I'm embarrassed when I'm wrong but I always learn from it. I also ask "why?" a lot and "what is that?" if it makes sense to (or just Google it later). I learn this way. It helps solve ignorance. It doesn't make me a faster thinker which is something I may not be able to fix, and it doesn't help improve my motivation to learn more which I need to do more of instead of playing video games or creating things.
Writing a book to teach other people should not be considered first and foremost a way to learn a subject. You may learn when corrected, but at the expense of the readers that read the mistakes and did not see corrections. This is more important the more advanced or important the subject.
I would not write a book on structural engineering to learn the subject or become an expert. The stakes for the misinformation being spread are high.
Someone who picked up the basics from a few Wikipedia articles here, a few papers there, a couple open source projects here and there... they're smart, so they're not completely clueless about the field, but they just don't have the experience to see where they fall short, the industry know-how, and so on.
I feel like instances of this in the tech community are not too rare, and it's a consequence of the internet: anyone can publish a book and distribute it all over the world now. It's worth keeping in mind that while harm is being done through the spread of false information, what's most important is to educate them, see this as a teachable moment, so they can become productive experts and modify their message to be fully correct. Of course, it requires them to be open minded of their shortcomings: but it can be done.
PS: I have no clue who the author of Practical Cryptography With Go is.