Hacker News new | past | comments | ask | show | jobs | submit login

>we're still doing routine audits of the existing stuff.

This doesn't work, auditing coldfusion code is impossible without auditing the entire platform. The whole platform is so full of bugs and strange behaviour that it's actually impossible to produce secure coldfusion code.




I can't really deny that CF is that bad, but it'd be irresponsible to just let the codebase rust as we rewrite it - and we are rewriting it.


When did you start rewriting it? It doesn't take years to replace this stuff.


I was hired in July and have been driving most of this effort and we're shipping rewritten versions of some parts of our infra soon™


That sounds good, at least, thanks for letting us know.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: