| ▲ | eskibars 4 hours ago | |
"If it ain't broke, don't fix it" is its own area of risk that people often ignore | ||
| ▲ | creesch 4 hours ago | parent [-] | |
Except that a lot of software likely is already broken in fun ways we currently don't know about. That is what makes it such a "fun" challenge. Supply chain attacks are one thing, but CVEs in already released software allowing other attackers are another. As always, I know most of us work in IT, but things rarely are actually binary. | ||