Hacker News new | ask | show | jobs
by smt88 3894 days ago
I don't know if I understand how most of these things could be considered secure unless they've been heavily attacked already.

Are they all so much more secure by design that you consider them to be great projects?

My experience is heavily with server-side web languages, so I'm particularly skeptical of those. Even the most secure-seeming web languages have buggy, insecure implementations at first.
1 comments
kragen 3894 days ago
Those projects are mostly research into how to make software and hardware less buggy; most of them are not themselves written with a threat model in mind.
link
nickpsecurity 3893 days ago
Exactly. Most could be, though, if people put forth the effort. So I keep mentioning such work.

Note: This comment is mainly for others reading along. Something I do on forums. I know you already understand this point.

link