
kinjba1 | 5 years ago

The Linux kernel, glibc, V8 and nodejs are some of the most vetted software existing. Of course I trust them. If my business partner has a security breach it's possible to sue them.

That is different than adding 1000 barely looked at dependencies to my JavaScript project. Every addition is another chance for an undetected security vulnerability. "It's really not that bad" is probably what Equifax thought before the magnitude of what happened was revealed.
