Hacker News
by jarrett 4446 days ago
> knowing your (Open)SSL setup is as important as e.g. knowing your RoR setup

Very true, and yet it's so much harder to know your OpenSSL or other security-related setup.

You learn your Rails setup well enough to make your application work, and hopefully well enough to make it performant. If you miss either of those goals, it's obvious to you. You know something's broken, and you grind away until you fix it.

Not so with security. Your system can be "working" by all outward appearances yet be riddled with vulnerabilities. And you won't know it, so you won't see any reason to go and learn more. Nor would you know what you don't know, or where you need to learn more. That's the scary part.