by jbinto 4520 days ago
> Infosec is hard.

In computer security, you have to get it right every single time. The bad guys only need to get it right once.

4 comments

This highlights to me that our infrastructure is horrendously overcomplicated. We have all these great abstractions, but you have to worry about bugs and exploits in every possible layer of every system. Even the simplest modern web-application has an enormous surface-area to secure, and that makes getting it "right every single time" damned near impossible.

This is a little myopic but understandable in the context of a discussion on HN. Infosec is hard, but it is just one example of a bigger truth:

Defense is hard.

This comes up time and time again in any defensive discipline:

  Over two decades the CIA had learned again and again that it could not hope to
  defend against terrorists by relying solely on its ability to detect specific
  attacks in advance. No matter how many warnings they picked up, no matter how
  many terrorist cells they disrupted, at least some attackers were going to
  get through. Officers in the CTC privately compared themselves to soccer
  goalies: They wanted to be the best in their league, they wanted to record as
  many shutouts as possible, but they knew they were going to give up scores to
  their opponents. Ultimately, many of them believed, the only way to defeat
  terrorists was to get out of the net and try to take the enemy off the field.[1]

The final sentence above highlights the one peculiarity of InfoSec; you do not have any offensive capabilities.

[1]: "Ghost Wars" (Steve Coll) pg 505

This is why I think some more work into client (or active) honeypots may be beneficial. If we can get an easy-to-install, auto-updating honeypot that fights back, we may have a better offensive capability.

This may just end, like nuclear warfare, in MAD... But it would be great fun to watch!

http://en.wikipedia.org/wiki/Client_honeypot

http://books.google.com.au/books?id=YQmWtsqlvfMC&dq=active+h...

http://en.wikipedia.org/wiki/Mutual_assured_destruction

No one gets it right every single time. No one. That's a completely unrealistic expectation. What you do is establish a bar, which you share with everyone who will use your software. Then you evaluate your efforts against that bar.

One of the keys to developing good software is hiring third-parties to conduct audits. A bug bounty program is one way to incentivize people who are already probing your software to take the next step and tell you about the bugs they find.

What opinions does infosec in general have of correctness? What about languages like Haskell which focus on separating IO and pure functions?

well it gives the advantage that (used to?) keep desktop-Linux clear of most viruses: it's too little a fish for blackhats to go after.

until that's different it's harder to answer your actual question. my guess, it'll be better but inevitably still have some holes.

I specifically wondered what infosec (or anyone involved in the industry) thought of separating pure and impure functions which affect the outside world.

It seems to me that it would drastically reduce the surface areas of attack.