undefined | Better HN

0 pointsabhiaagarwal1y ago0 comments

Based on the claims on the blog, it feels reasonable to say that this "cannot" occur again.

0 comments

Based on which claim? That 12 months from now they might accidentally discover a new bug just as serious?

If you think someone is obviously wrong, it might be worth pausing for a second and considering where you might just be referring to different things. Here, you seem to understand “this” to mean “a serious bug.” Since it’s obvious that a serious bug could happen, it seems likely that the author meant “this” to mean “the kind of bug that led to the breach we’re presently discussing.”

beardedwizard1y ago

I do not assume anyone is obviously wrong and prefer to ask questions. Most bugs exist in classes, and variants are something you typically consider when a bug results in a production incident.

I'm not sure I read anything that makes me confident this class of bugs could never recur. I could be reasonably confident this _exact_ bug in this _exact_ scenario may not happen again, but that only makes me more concerned about variants that may have equal or more serious implications.

So I'm wondering which claim did it for you? I only really saw pen test as a concrete action.

j / k navigate · click thread line to collapse

0 comments

beardedwizard1y ago

Based on which claim? That 12 months from now they might accidentally discover a new bug just as serious?

GavinMcG1y ago

beardedwizard1y ago

I do not assume anyone is obviously wrong and prefer to ask questions. Most bugs exist in classes, and variants are something you typically consider when a bug results in a production incident.

So I'm wondering which claim did it for you? I only really saw pen test as a concrete action.

j / k navigate · click thread line to collapse