Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've often found poor security designs justified by many of the arguments in this thread that it's unreasonable to treat everything as a threat.

They know it's a bad design but doesn't matter because the threat is too improbable. Until it isn't :p



It's the everything always part of the argument that's unreasonable. You realise that that's impossible? You can't vet and control the whole stack. And, if you could, it would be prohibitively expensive.


For certain use cases, it is not cost prohibitive. Take defense or banking…


I’ve been in meetings where executives have said precisely this and I have tried to gently nudge them towards defense in depth.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: