top | item 44742637

(no title)

dm3 | 7 months ago

This approach to security is backwards. It's way harder to find security issues than to never include them in the first place. This approach might work for another webapp but I highly doubt a retroactive security analysis is practical for a more involved system.

discuss

lelanthran|7 months ago

Yeah. A lot of security issues are design issues, not "I reused a buffer for something else" issues.

Fixing design and/or architecture at a high level usually requires a signficant rewrite; sometimes even a switch in technology stacks.