Hacker News new | past | comments | ask | show | jobs | submit login

Security people seem to vary from proper devs with an interest in security to "I used to be a marine now I'm a security contractor" methodology-obsessed types.

My faith in the former is strong, the latter category worries me.




Actually, "devs" are typically not technically qualified either. You have to really understand how things work, not just be able to write a program.

But you're basically right. And now there seems to be a meme going around that it's elitist and inappropriate to expect people to have any technical understanding at all before they start dictating technical decisions around security, and all you need is a willingness to learn the alphabet soup of requirements and mindlessly apply the checklists.


I said proper devs, in my defense. The people I hang around with tend to know how things work.


The ideal is you have both types taking different approaches


I came from dev. I agree.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: