|
|
|
|
|
|
by cowsup
55 days ago
|
|
|
Great piece. I thought the same of Cal's announcement; it basically boiled down to "we're willing to shift our entire business to a security-through-obscurity approach." It won't be long until systems are sophisticated enough that they can target an application over the course of a weekend, and try thousands of exploits across each possible endpoint you offer, to see what happens, regardless of whether or not your source code is public. Anyone who's launched anything on the web -- anything at all -- and looked at the logs will see all sorts of endpoints being requested for /wp-admin/ or random WordPress plugins, even if their site has never, and will never, run WordPress. Imagine this at scale, with every possible attack method imaginable, blindly hitting everything on the web. That's where I think we're headed, and closed source won't fix that. |
|
|