undefined | Better HN

0 pointswoodruffw8mo ago0 comments

Maybe I don't understand the threat model here: what kind of public-facing services are you running that are simultaneously (1) not already access-limited, and (2) not load-bearing such that they need to be public-facing?

(And to be clear: I see the benefit here. But I'm talking principally about open source projects, not the vendors you're presumably paying.)

0 comments

richardwhiuk8mo ago

Some companies might be willing to compromise functionality to avoid compromise of their networks.

There's always a usability / functionality vs security tradeoff

j / k navigate · click thread line to collapse

0 pointswoodruffw8mo ago0 comments

(And to be clear: I see the benefit here. But I'm talking principally about open source projects, not the vendors you're presumably paying.)

0 comments

richardwhiuk8mo ago

Some companies might be willing to compromise functionality to avoid compromise of their networks.

There's always a usability / functionality vs security tradeoff

j / k navigate · click thread line to collapse