| |
| ▲ | tokioyoyo 6 hours ago | parent | next [-] | | > How near a miss must we have (and how many) The fun part is, there have been a lot of non-misses! Like a lot! A ton of data have been exfiltrated, a lot of attacks, and etc. In the end... it just didn't matter. Your analogy isn't really apt either. My argument is closer to "given in the past decade+, nothing of worth has been harmed, should we require airbags and seatbelts for everything?". Obviously in some extreme mission critical systems you should be much smarter. But in 99% cases it doesn't matter. | |
| ▲ | hiq 2 hours ago | parent | prev [-] | | > I've yet to be saved by an airbag or seatbelt. Is that justification to stop using them? By now, getting a car without airbags would probably be more costly if possible, and the seatbelt takes 2s every time you're in a car, which is not nothing but is still very little. In comparison, analyzing all the dependencies of a software project, vetting them individually or having less of them can require days of efforts with a huge cost. We all want as much security as possible until there's an actual cost to be paid, it's a tradeoff like everything else. | | |
| ▲ | franktankbank an hour ago | parent [-] | | The funniest part is that it always gets traded off, everytime. Talking about tradeoffs you'd think sometimes you'd keep it sometimes you'd let it go, but no, its every goddamn time cut it. |
|
|
