FAQ

???? 10/11/2013 12:20 ??, ?/? Chris Angelico ??????:
On Sun, Nov 10, 2013 at 2:32 AM, Antoon Pardon
wrote:
And i had until i made some new changes last night, which i think i have corrected now as we speak.
Continuing the arrogance.
Just to put that in perspective, by the way: *EVERYONE* writes
vulnerable code. Even Python itself has been found to have had
significant exploits (hash randomization had to get backported a long
way). There's nothing wrong with fixing security bugs; there's not
even a lot wrong with the iterative process of "find bug, fix bug,
find another bug, fix another bug". There are two major problems with
what you did here, Nikos, and they are:

1) Starting with a hopelessly insecure system and then trying to
band-aid patch it one vulnerability at a time, which is folly; and

2) Boasting that your system was now secure.

The main issue is the boasting, which is utterly unwarranted
arrogance. All you have to do is look at how, after boasting
previously, you were provably vulnerable - which means that you
clearly still had problems while you were boasting. A more humble
attitude of "Oops, well, that's fixed now" without saying "Ha ha, now
try to break THAT, I'm oh so perfect now" would suit you far better,
based on your history.

ChrisA



Ha, ha ha!
I'm safe now!!


No breaks in this time!

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

People

Translate

site design / logo © 2022 Grokbase