
rogerrogerr yesterday at 6:51 PM

A couple times a week my freaking VP is announcing some new tool he vibecoded and talked to no one about.

I’m sure they’re all riddled with security issues, but am I gonna go be the one pointing it out? Heck no.


Replies

dragochat yesterday at 8:29 PM

we love to say things like these, but... most security issues are in fact BYPASSABLE - virtualization, firewalls, autorollbacks, ro-filesystems and so on are many of the tools we have on our belts

decades of WordPress have taught us that insecure apps can 100% be securely deployed

it's a bit of an art, most recently educated devops/sre ppl suck at it, but it's doable

...aeons ago in a former life we ran production apps that got hacked weekly, and nobody batted an eye at it, backups servers recreated from secure ro-images were spun up with last-clean-app version, occasionally we had fun disassembling whatever reverse shells and other malware that got beached on our systems (but couldn't "swim" bc everything we ran was "too exotic" for them to figure out the next steps of a proper attack), development and business continued as usual with zero interruptions etc
