I don't think "security" is usually a binary concept, where it's either there or... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

pronoiac on March 16, 2014 | parent | context | favorite | on: Pwn2Own 2014 Claims IE, Chrome, Safari and More Fi...

I don't think "security" is usually a binary concept, where it's either there or it isn't. It's more useful to draw an analog from the ratings of safes, which are along the lines of "it would take ___ hours / days to break this safe." Instead of lofty claims about being impervious to attack, put up obstacles and hurdles, that make attacks harder.

Pacabel on March 16, 2014 [–]

But those "obstacles" and "hurdles" can themselves be exploited in some cases. If they're software-based, then they can just end up making the attack surface much larger.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact