
Comment by RobotToaster

10 hours ago

Software with vulnerabilities was defectively written.

If someone makes tanks with paper for armour, because it cuts costs, they are to blame if those tanks catch fire.

A tank is designed for war. Infrastructure is designed to serve some other utility. Claiming it should also be hardened against (cyber) war is acknowledging that there is an aggressor performing an attack of war, not that the infrastructure is failing the utility it was designed for.

It's fine to have this view that software should be defect free and hardened against sophisticated nation-state attackers, but it stretches the meaning of "defect" to me. A defect would be serving to fulfill that utility it had been designed for, not succumbing to malicious attackers.