Hacker News new | past | comments | ask | show | jobs | submit login

> Many security layers are counterproductive

Where is this part documented? I've read that security is best done as a layered approach




I was about to ask for the same thing. All best practices within the security domain point towards multiple layers of security, simply to have some fallback if one mechanism is compromised.


> Where is this part documented?

i don't have any example over this part. Maybe the OP has...

Still, a layered approach is great "on paper" (and probably the best actual solution we have atm), but it is only great in practice if it's well coded and the op is right that in lots of cases there are numerous flaws.

yes, you have failsafes on the layer bellow, but then again... it's just another "challenge" to find the flaw...

If we have a simple and effective code (à lá unix: do one thing, do it well), that has the possibility of becoming more effective that "flawed layers".

yeah... we can have multiple - simple - layers... but again... that will also raise the possibility of unforeseen flaws...

all in all: it's always a double-edged sword...

you're right and the op is right XP

(unless the layered approach is actually really really well coded!!! That's the ideal... but not many can do it!!! - i surely can't ahahah)




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: