Malice or incompetence?
So, does anyone have an opinion here, was this malice or incompetence?
That is, is this a cryptosystem where the Australian spy agencies could have some interest in introducing a cryptosystem that at first glance appears OK but has weaknesses? (This "at first glance" part doesn't seem to work, those who design in intentional weaknesses seem to underestimate the capabilities of civilian cryptoanlysts to find these weaknesses.) Or is this not the case?
Regarding incompetence -- I don't mean this as a big insult to whoever worked on this. Writing your own secure cryptosystem is difficult to the point that it's ill-advised for most people to do so; and even a crypto expert could overlook something or other. It's fairly ill-advised to ship a product based on a new cryptosystem without letting other crypto experts look it over first to check for just the kind of weaknesses found in the article; then the cryptosystem can either be fixed or it can be scrapped if it's inherently flawed.