Xelbair 10 hours ago

Genuine question - why are you spending time and effort on geofencing when you could spend it on improving your software/service?

It takes time and effort for no gain in any sensible business goal. People outside of the US won't need it, bad actors will spoof their location, and it might inconvenience your real customers.

And if you want secure communication, just set up a zero-trust network.

WJW 7 hours ago | parent [-]

> bad actors will spoof their location

Isn't that exactly the point? Why are North Korean hackers even allowed to connect to the service, and why is spoofing location still so easy and unverifiable?

Nobody is expected to personally secure their physical location against hostile state actors. My office is not artillery proof, nor does it need to be: hostile actions against it would be an act of war and we have the military to handle those kinds of things. But with cybersecurity suddenly everyone is expected to handle everyone from the script kiddie next door to the Mossad. I see the point in OP's post: perhaps it would be good if locking down were a little easier than "just set up a zero-trust network".

Aurornis 3 hours ago | parent | next [-]

> Why are North Korean hackers even allowed to connect to the service,

Asking why some group is “allowed” to use the internet is equivalent to demanding either strict verification or that we cut off some entire country where they reside from the entire internet.

Either that, or someone doesn’t understand basic fundamentals of networking and thinks there’s some magic solution to this problem.

A common variation of this comment is “why do we allow kids to access <insert topic here>” with demands that something be done about it. Then when something is done about it, there is shock and outrage upon realizing that you can’t filter out children without forcing identity verification upon everyone. Similar vibes here, just replace age with demographic.

WJW 2 hours ago | parent [-]

It wouldn't surprise me at all if mandatory online ID verification will become a thing within the next century or so.

Xelbair 5 hours ago | parent | prev [-]

You can as easily get attackers from within your own networks; you're falling for the fallacy that everything on the 'inside' is secure.

WJW 2 hours ago | parent [-]

Just because one group of attackers is (/might be) inside your network doesn't mean you also have to let all other groups in. There is zero reason to let (say) North Koreans interact with your gas pump API, other than that the internet is set up so that it is virtually impossible to prevent unfriendly parties from contacting your servers.