undefined | Better HN

0 pointskjkjadksj6mo ago0 comments

All code is fundamentally not ever secure.

0 comments

This statement is one of those useless exercises in pedantry like when people say "well technically coffee is a drug too, so..."

Code with publicly-known weaknesses poses exponentially more danger than code with unknown weaknesses.

It's like telling sysadmins to not waste time installing security patches because there are likely still vulnerabilities in the application. Great way to get n-day'd into a ransomware payment.

nightpool6mo ago

Have you spent time reviewing the security patches for any nontrivial application recently? 90% of them are worthless, the 10% that are actually useful are pretty easy to spot. It's not as big of a deal as people would like to have you think.

da_chicken6mo ago

That's why I run Windows 7. It's going to be insecure anyways so what's the big deal?

j / k navigate · click thread line to collapse