by benoau
37 days ago
Because software is a massive house of cards and its bottom layers are poorly-funded people and volunteer groups who can't conceive every possible security issue, don't necessarily engage in every best practice to secure their accounts and publishing pipelines, can't single-handedly provide adequate oversight of all their dependencies, and might fall prey to a targeted attack or tempting offer. And then on top of that are companies building software and prioritizing new features over revisiting old code.