Comment by jcims
4 years ago
...in which the attackers have free access to copies of the bridge where they can silently test attack strategies millions of times per second for months or years on end.
The safety vs security distinction made above is fundamental. Developers are faced with solving an entire class of problems that is barely addressed by the rest of the engineering disciplines.
> where they can silently test attack strategies millions of times per second for months or years on end
Remotely, anonymously, at virtually no risk to themselves.
And then, when they finally perfect their technique, they can just sell or give away the plan to other people in an instant, who can then put it into practice almost for free, against any compatible bridge they like.