Refers to a cryptography
or security product that makes exaggerated claims of what the product is capable of, giving the user a false sense of security. The term snake oil
, which is credited to Matt Curtin for using in reference to computer
security products, comes from the 19th
-century American practice of selling cure-all elixirs in traveling medicine shows. Snake oil salesmen would falsely claim that the potions would cure any ailments. The term has been appropriated to mean security and encryption
products that make impossible claims, such as unbreakable codes.