Hacker News
by begueradj 158 days ago
> Gmail isn’t even the worst offender, it’s just a more popular one. The Tesla and Crypto.com apps are around 1 GB each.

One reason is those are typically apps which need to be heavily secured. So behind the seemingly "simple" user interface and functionalities, there's so much security-related code to ensure their "safety".

More importantly, it's difficult to code without dependencies.

3 comments

Pardon? I can't tell if you're serious. How would adding more lines of code in a program (or assets or whatever makes up this size) add security?

(Anna Delvey voice) ... LOC is always better.

https://en.wikipedia.org/wiki/Anna_Delvey

I think the joke is going over my head ^^; Maybe you mean 'just' a regular developer as opposed to a cryptobro?

Edit: I see you added in a link. "The research found that more than half of the 1200 developers surveyed are unable to ensure that their code is protected from seven common vulnerabilities", hmm maybe it was not a joke? The article (or the survey it's based on) sounds extremely misguided though, sounding comparable to saying that only X% of farmers never had a single rotten apple so clearly it's not a 'top' priority for them to produce quality at all costs.

Oh, and I just noticed you're the same person as whom I was responding to above. That explains

Fwiw, I do security audits as a day job so I have some idea of which coding practices lead to good security and it's not download size. You can try this "you're just a developer" again on someone else maybe

> The article (or the survey it's based on) sounds extremely misguided though

Unfortunately the entire Internet is bloated with such extremely misguided jokes. Here is another extremely misguided joke:

"We have a fundamental problem in the way we develop software. A large percentage of software is created by people who were never trained on the basics of security." [1]

[1]: https://buildingacareerinsecurity.com/why-developers-dont-kn...

Generally the larger the codebase the harder it is to secure. I am less worried about security vulnerabilities on small tightly focused apps than I am on gigantic monstrosities with hundreds of different attack surfaces.
According to looking at a 1,000 line code file on my machine right now, a million lines is about 48mb. You think > 10 million lines of code are required for security in an app?