by danielfone 4773 days ago
I absolutely agree that there's no easy solution to this (or it would've been "fixed" already).

> some (most) people never open-source their app, and don't mind employees seeing it...

One of my concerns is that people believe it's only a risk if they ever open source their application. While most apps don't have to worry about a motivated attacker in reality, the risk isn't simply secure or unsecure.

It's more a case of 'more difficult' vs. 'much easier' to compromise. I fear many engineers don't think of securing their apps like this. I know I've only recently begun to understand this way of thinking about security and it's changed the way I code.