| ▲ | tempest_ 10 hours ago | |
I don't follow. > run an army of security people Do you think these private companies do this? They don't. They pay as little as humanly possible to cover their ass. Botnets comprised of compromised routers is common and commercial/consumer routers are a far juicer target than openwrt. | ||
| ▲ | bigiain 6 hours ago | parent | next [-] | |
> They pay as little as humanly possible to cover their ass. They probably spend more on the team who ends up writing the "We take your security very seriously" breach notification message than they do on "security people". At least until then get forced into brand-name external Cyber Security Consultants to "investigate" their breach and work out who they can plausibly blame it on that's not part of the C suite. | ||
| ▲ | Aeolun 6 hours ago | parent | prev [-] | |
> They pay as little as humanly possible to cover their ass. It’s probably helpful that open source teams aren’t hampered by standards and 20 year outdated audit processes either. | ||