undefined | Better HN

0 pointsand-not-drew3y ago0 comments

That's got nothing to do with what we're talking about.

The first comment didn't say they should have spent more time on security, it said they should have spent time creating a system to detect if too many taxis were in one spot.

I think we can all agree that security is valuable and should be prioritized, but spending time worrying about how to stop who is already in your system from sending all the cabs to the wrong place seems like a waste of time.

Hell, IF (big if) the worst thing a hacker could do once they had access YandexTaxi's servers is send a bunch of cabs to the wrong place, you could almost spin that in a positive light. "We spent so much time protecting customer data that all they could do is send our divers to the wrong place".

0 comments

bee_rider3y ago

It is hard to make a solid argument about perceptions. Is it possible that non-technical people would perceive the ability to send all the drivers to one location as a big security problem, even though it doesn't really require any conventional security issues? Maaayybeeee. "Hacks" that intrude into the real world do have a bit of an over-inflated appearance of importance after all.

samus3y ago

Maybe they managed to also steal or encrypt data, and now the media attention in a sense helps the hackers claim extortion money? Since the showlights are now on that company?

and-not-drewOP3y ago

True, but going back to the original argument, if hackers did manage to steal data, that makes the idea of spending time trying to prevent all the taxis from being sent to one place even stupider. In the world where YandexTaxi had extra time to spend on something, they should have spent it on securing their data better.