item 41643278

whiterknight | 1 year ago
1000 lines are easier to secure than 5 million lines

agentultra | 1 year ago
“You can write software that has no obvious bugs or you can write software that obviously has no bugs.”
I think that was ewd?

naniwaduni | 1 year ago
You can, of course, also write programs that have known bugs. Or even programs that have bugs that obviously shouldn't be there, but are anyway.

victorbjorklund | 1 year ago
Not if 1000 lines are written by you alone and not checked by anyone else vs 5 million lines of code written by thousands of people and checked by countless more. Linux is probably more secure than 1000 lines of C code from a junior developer.

whiterknight | 1 year ago
I think this is vastly overrated:
- how much code actually gets read outside of top 2-3 projects?
- how many of those readers can detect security problems?
- why are others inherently better at detecting problems than the author?
Wouldn’t 1000 lines read by 2 people be better than a million read by 10?

mplewis | 1 year ago
Not if you’re the only author!