|
|
|
|
|
|
by cwbrandsma
3120 days ago
|
|
|
Pretty much becomes “blame the messenger” in a hurry. That and these comments quickly become “why didn’t they just do it the ‘right’ way...as if such a thing existed. With security there is no right way, just many known wrong ways. I got into a discussion once about how to properly handle passwords (cause somebody has to do it). There is no right answer, just lots and lots of wrong ones. Don’t encrypt, hash. But not that hash, use another...and not any of those over there; and sure as shit don’t write one yourself. Use an off-the-shelf hash...just not any that you have access to now. Not that one either, we don’t recognize the author by name...and not the other one because we don’t like the owner of the company (who is not a developer). TL:DR, if you write code that needed security...eventually you are fucked. |
|
|
> Not that one either, we don’t recognize the author by name...and not the other one because we don’t like the owner of the company (who is not a developer).
This is quite obviously bad rhetoric (outright dumb, I'd say.) But let's say it's remotely true: you think "complete dysfunction, and inability to analyze root problems" -- that it's a reason why we shouldn't crack down these people?
Doctors make mistakes. Everyone knows that. Sometimes it's negligence, sometimes it's tragedy, sometimes it's just random happenstance or Friday the 13th or whatever. But for some reason, we don't interpret this as a blank cheque to let any jackass on the street legally operate on people, risking their lives, and then -- when they hurt someone -- we all throw up our hands, sigh, and say -- "well dang, at least Frito Pendejo, he tried really hard, tried his best and doctors, y'know, medicine is crazy and uncertain!!! there are no right answers!!!"