|
|
|
|
|
|
by tptacek
4577 days ago
|
|
|
I hope I don't sound like I'm sticking up for the procurement process that generated this site. The site was bought was, I'm sure, a pile of poop. I just have trouble with people's utterly unrealistic expectations of how security works in real applications. Forget Healthcare.gov; I mean real applications, ones people rely on every day. Nothing is secure from the start. Everything has bugs. |
|
|
Sure, all aspects of programming are subject to bugs. My concern with the site is an apparent lack of design for security. Admittedly the linked article only talks about symptoms, I'm inferring poor design from a previous article which said the developers put security at the bottom of the list of priorities.