Comment by lojikil
Re: "Eskil steenberg Hald Security talk at BSC 2025"
So I'm a security researcher (it's in my current team's title and mandate), and I've spent most of my career in the space, but I absolutely agree. A friend of mine has a quip I like: sure you found a break, I'll listen when you can tell me how to never have that happen again.
I think we over-index on the "cool" breaking side of security, and forget about all the really interesting (but less punchy, less flashy) stuff you can do on the defense side of the house. A recent example is the cupsd vulnerability: neat break, absolutely no real impact for most (really, a majority of) users.
2025-07-31 · 9 months ago
Original Post
Eskil steenberg Hald Security talk at BSC 2025 — <RANT> I take security seriously, but I've had it with the security orthodoxy. I really want secure software but we can't let the security orthodoxy continue being unquestioned in the software community. The security orthodoxy assumes that security is the most important aspect of computers. It NEVER EVER IS. Computers exist to get things done. If security was more important, then, here is a hot tip: Don't plug in the computer to either a...
💬 1 comment · 3 likes · 2025-07-31 · 9 months ago · #programming