by tie_ 1731 days ago
We are talking about following well-understood and published standards, such as TCP and IP. The people implementing those stacks were either negligent, or were consciously cutting corners and safeguards that those open standards already had in place. The result: lots of network pipes can be subverted by crackheads into flooding innocent netizens.

No, I got no sympathy for the people who built and sold those devices.

1 comments

Have you actually gone through the TCP/IP specification and implemented everything securely?

It’s nearly as simple a specification to get right as your post suggests.

Getting the 3-way TCP handshake and decrementing TTL is quite easy to get right. Those are very much foundational properties of the respective protocols. We are not talking about obscure edge cases.

Also, building a bridge is not simple either, but it's a well known and well solved problem. When a bridge crashes we don't just shrug and wave at the construction company with "It's OK, bugs happen".

It’s also very easy to get wrong.

How many bridges are built to survive abnormal conditions like earthquakes, tidal waves, or even just a lorry driver smashing into the roof of a low bridge? Some of my closest mates are actually structural engineers specialising in bridges, so coincidentally I happen to know a lot on this topic, and the answer is, outside of surprisingly few countries, most bridges aren’t designed to carry any more than expected load. Some bridges aren’t even strong enough to carry heavy goods vehicles of the present day. Hence why so many bridges have instructions upon approach detailing to drivers about safe and correct usage.

However, you can’t really compare software to bridge building. There’s thousands of reasons why the two aren’t the same.

You can’t really compare this to bridge building. There’s thousands of reasons why the two aren’t the same.