I tend to be downright hostile toward anyone who rolls their own cryptography. Mostly because that shit is hard and unless you really know what you're doing you will fuck up and then you won't know how to unfuck yourself and then when your users are fucked you'll blame them when it's not their fault.
@acarson plus they probably short circuited a byte string comparison and fucked everything up. If only I got extra cash for CVEs back when I reported them