As with anything, we have to ask ourselves why we are offloading the responsibility to the OS providers to solve this, when we really have to determine for ourselves if the risk is even a risk at all on our individual systems. Do I care about this hard-to-exploit vulnerability on a web server that's streaming video content to the public? No. Does it matter on a DB server with important financial data? Yes, it does.
Applying the patch should be opt-in if you ask me. But of course, most sysadmins are hopeless. So then the OS vendors push it out; it's safer than leaving the decision to uninformed people.
This "but people are stupid and uninformed" mentality has really got to stop. If you find yourself making an argument that hinges on everyone but you, or some large population, being idiots, then you're wrong. Not only because people aren't stupid, but doubly because you're specifically talking about a population of highly educated people who start as developers and get interested in infra.
Sysadmins/DevOps/SREs aren't hopeless, they just have different incentives and responsibilities. Default secure, with the option to let down your guard when the need is there, is always, always the right choice. You wouldn't have your firewall default allow with a blocklist. You wouldn't grant everyone sudo access and then maintain a list of commands they can't execute. Such a thing is impossible to maintain.
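To make the "default allow with a blocklist" versus "default deny with an allowlist" contrast concrete, here is a small added example (it is not from this thread, and it is a model of policy evaluation, not sudo's or any firewall's real matching logic). The command paths, the `BLOCKED`/`ALLOWED` sets and the request list are all constructed for illustration. It shows the two ways a blocklist fails: a request the author never thought of (a new shell, or an editor that can spawn one) sails through, and even a listed entry can be dodged by spelling the same path differently unless every comparison normalizes it first.

```python
import os


def canonical(path: str) -> str:
    """Collapse '.'/'..' segments and repeated slashes before comparing.

    Symlinks are deliberately not resolved here (os.path.realpath would
    consult the filesystem); a real enforcement point would have to.
    """
    return os.path.normpath(path)


def naive_blocklist_allows(blocked: set[str], requested: str) -> bool:
    """Default-allow, raw string comparison: the bypassable version."""
    return requested not in blocked


def blocklist_allows(blocked: set[str], requested: str) -> bool:
    """Default-allow with normalization: still lets anything unlisted through."""
    return canonical(requested) not in {canonical(b) for b in blocked}


def allowlist_allows(allowed: set[str], requested: str) -> bool:
    """Default-deny: only what the job explicitly needs gets through."""
    return canonical(requested) in {canonical(a) for a in allowed}


# Constructed policies for an operator whose job is to restart a service.
BLOCKED = {"/bin/su", "/usr/bin/passwd"}   # the things the blocklist author thought of
ALLOWED = {"/usr/bin/systemctl"}            # the one thing the job actually requires

# Constructed requests, including ones the blocklist author did not anticipate.
REQUESTS = [
    "/usr/bin/systemctl",   # the legitimate command
    "/bin/su",              # explicitly blocked
    "/bin/../bin/su",       # the same binary, spelled differently
    "/usr/bin/vim",         # never listed; ':!sh' inside it gives a shell anyway
    "/bin/bash",            # a shell nobody got around to listing
]


def compare(requests=REQUESTS):
    """Map each request to (naive_blocklist, blocklist, allowlist) decisions."""
    return {
        r: (
            naive_blocklist_allows(BLOCKED, r),
            blocklist_allows(BLOCKED, r),
            allowlist_allows(ALLOWED, r),
        )
        for r in requests
    }


def unlisted_escapes(requests=REQUESTS):
    """Requests a normalized blocklist permits but an allowlist denies.

    This is the maintenance burden the blocklist owner has signed up for:
    every new binary on the box is a policy change they have to notice.
    """
    return [r for r, (_, bl, al) in compare(requests).items() if bl and not al]


if __name__ == "__main__":
    verdict = lambda ok: "allow" if ok else "deny"
    for req, (naive, bl, al) in compare().items():
        print(f"{req:20} naive={verdict(naive):5} blocklist={verdict(bl):5} allowlist={verdict(al)}")
    print("slipped past the blocklist:", unlisted_escapes())
```

The allowlist column is the only one whose answer does not change when a new binary appears on the host; that is what "default secure with the option to let down your guard" buys you, and why an exception has to be an explicit, reviewable entry rather than the absence of one.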
For me specifically, I manage too many servers to bother with this. It's going to be deployed to everything without exception, and if you need more performance we'll rack more hardware. The cost of more CPUs is less than the risk that something will slip through the cracks. I don't care that your pet service doesn't execute any untrusted code; I'm not carving out exceptions when I have 20 teams constantly asking for stuff.
Sometimes this happens: the vast majority of organizations have tighter budgets than FAANG, especially if they are not-for-profit. How helpful do you think this observation could be to someone in their position?