Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"If it ain't broke, don't fix it" is its own area of risk that people often ignore


Except that a lot of software likely is already broken in fun ways we currently don't know about. That is what makes it such a "fun" challenge. Supply chain attacks are one thing, but CVEs in already released software allowing other attackers are another.

As always, I know most of us work in IT, but things rarely are actually binary.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: