Comment by kluck
10 years ago
The best things suggested:
- Strip down the features of the application to minimize attack surface. (see bloated, badly designed web apis...)
- Don't let sensitive code be produced by interns.
10 years ago
The best things suggested:
- Strip down the features of the application to minimize attack surface. (see bloated, badly designed web apis...)
- Don't let sensitive code be produced by interns.
And throw away years of progress in web technology. No, thanks.
What if I (and users) want those features? Ah, I remember, just install a plugin, which is closed source thus more secure... wait a minute.
A lot of that "progress" in web technology should be rolled back ASAP and just be remembered as a cautionary tale and/or used as a bedtime story for scaring little children.
If you remove them others will create even less secure alternatives. Remember Flash?
2 replies →
Sandboxing while keeping all features is no more or less secure than without the sandbox, it just makes stuff slower.
You are an SUV type of guy over an exotic sports car, right? :)
1 reply →
https://cdn.meme.am/instances/66130857.jpg
Well, I'd say that was a ridiculous position.