This document discusses common security anti-patterns and cargo cult programming practices related to cryptography. It describes how using cryptographic primitives incorrectly or for the wrong purposes can significantly weaken security. For example, using non-cryptographic random number generators, reusing initialization vectors, or rolling your own encryption when libraries are available. The document advocates identifying true security goals, using the correct cryptographic primitive, and relying on proven libraries instead of writing custom crypto code whenever possible.