|
|
|
|
|
|
by ethbr1
341 days ago
|
|
|
> Not every system needs to be secure against everything. Systems that are fundamentally insecure in some scenarios are perfectly fine, as long as they're not exposed to those problem scenarios. That's a vanishingly rare situation, that I'm surprised to see you arguing for, given your other comments about the futility of enforcing invariants on reality. ;) If something does meaningful and valuable work, that almost always means it's also valuable to exploit. We can agree that if you're talking resource-commitment risk (i.e. must spend this much to exploit), there are insecure systems that are effective to implement, because the cost of exploitation exceeds the benefit. (Though warning: technological progress) But fundamentally insecure systems are rare in practice for a reason. |
|
|