Someone must have written the existing crypto libraries, so obviously they have not followed the conventional wisdom.
The advice that you should not write crypto libraries must be taken very seriously, but you must understand that its meaning is just that this is one of those things that is harder than it seems, so you must not try to do it before being thoroughly prepared for this, because there are no shortcuts, and there are a lot of otherwise good professionals in programming who have made fools of themselves by implementing amateurish cryptographic solutions that demonstrated ignorance about how such things must be done.
It is pretty much impossible for anyone to understand well enough all that you need for writing correctly a crypto library after a few days or weeks of study, but after a few years of studies and exposure to all relevant cryptographic literature, any competent programmer could become able to write a good cryptographic library.
An intensive cryptography course of a few months would have been sufficient, except that I have never seen any single teacher that I could consider good enough to teach everything. Many things that I consider very important I had to gather from multiple sources, after thinking very carefully about which of them were right and which of them were wrong.
Fortunately, today there are many more easily available sources for learning cryptography than a few decades ago. Like in other domains, now what has become difficult is not finding information, but distinguishing the correct and useful information from that which is either false or useless.
Similarly for writing an operating system.
For now, there is no evidence that Mythos has any special skills for discovering cryptography-specific weaknesses, like vulnerability to side-channels. All the bugs shown are the traditional bugs of careless programming, like out-of-bounds accesses or integer overflows.
The advice that you should not write crypto libraries must be taken very seriously, but you must understand that its meaning is just that this is one of those things that is harder than it seems, so you must not try to do it before being thoroughly prepared for this, because there are no shortcuts, and there are a lot of otherwise good professionals in programming who have made fools of themselves by implementing amateurish cryptographic solutions that demonstrated ignorance about how such things must be done.
It is pretty much impossible for anyone to understand well enough all that you need for writing correctly a crypto library after a few days or weeks of study, but after a few years of studies and exposure to all relevant cryptographic literature, any competent programmer could become able to write a good cryptographic library.
An intensive cryptography course of a few months would have been sufficient, except that I have never seen any single teacher that I could consider good enough to teach everything. Many things that I consider very important I had to gather from multiple sources, after thinking very carefully about which of them were right and which of them were wrong.
Fortunately, today there are many more easily available sources for learning cryptography than a few decades ago. Like in other domains, now what has become difficult is not finding information, but distinguishing the correct and useful information from that which is either false or useless.
Similarly for writing an operating system.
For now, there is no evidence that Mythos has any special skills for discovering cryptography-specific weaknesses, like vulnerability to side-channels. All the bugs shown are the traditional bugs of careless programming, like out-of-bounds accesses or integer overflows.