Regarding to my Post about the Russian Leak and the noobish encryption method there are using[1] a few readers wrote me some stuff.
XOR is not safe as long as you use the same Password. Most of you claimed that XOR is safe, but it isn't when you use it wrong. And they do, because otherwise a single use password would be mentioned there.
When you use the same passphrase two times, it is common that you will find the password and the plaintext of the cipher.
If you use XOR, you have to use a One-Time pad[2]. That means, that you have to use a password exactly one time and the password have to
match the length of the plaintext as well.
At this Moment (and only then), XOR is the safest method, because your password can be everything and the plaintext could be everything too.
If you use the passphrase a second time, the encryption will be broken at last.
But anyway, when you use crypto in your software, you have to use real crypto with a higher degree of security at last.
A One-Time pad was invented for "in field" missions of spies without having a computer at your site.
[1]
06/04/2023 - Vulcan Files online available. That are the russian capabilities?
[2]
Wikipedia - One-time pad