Yeah. Any time you tell someone they shouldn't do something (like invent their own cryptosystem), they'll try to do it anyway. Problem with crypto is that they can't tell when they've failed. Unfortunately, RC4 has its problems, too, but it's still better than rolling your own.

I have to come clean about something - I said I was attacking messages with 3*keylen ciphertext bytes, which is true but misleading. I don't have a really good general method for solving the upper bits of the keys from such a short message. I was doing that with about 7*keylen bytes, until I started focusing on specific weaknesses in CipherText for that step. I'm not telling everything here, because it only has a narrow applicablity, and I don't want Steeeeeve to plug up the problems with his cipher and come back with a new version.

And because that part of my code is ugly. Ick.