Hacker News new | past | comments | ask | show | jobs | submit login

The internet in general caused this. Your house has trivial security that can be broken in many ways. But it requires someone to be physically present to attack it. Meanwhile online services have cutting edge security with no known exploits, yet you have millions of people attempting daily and developing brand new methods for getting in. Because they can be located anywhere in the world and have access to everything over the internet.



> online services have cutting edge security with no known exploits, yet you have millions of people attempting daily and developing brand new methods for getting in

Reality is the reverse. Plenty of online services with big-security holes, but no one really probes things that hard.


My personal site sees little to no real user traffic, but gets hundreds to thousands of hits monthly from bots looking for various known vulnerabilities in older versions of WordPress, PHP, etc.


I get this too.

Are these real threats or Google or other bot traffic that I should be taking action on?

My provider's web app firewall and other security measures just log this stuff.


Plenty of people are probing the AmaGoogAppSoft services daily and they seem to be pretty robust. Some random SaaS yeah who knows but the big boys seem to know what they are doing in this space.


I would expect the headquarters building of a fortune 500 company to also have a non-trivial level of security, so in that regard I'm not convinced the internet has changed much.

The average home is probably more analogous to a consumer router—and the security story there is not exactly great.


Try doing bug bounties (and being successful at them) then report back whether your perspective has been changed.


The fact that they're paying people to find holes is evidence that it's difficult to find holes, not the opposite.


I mean, it does require relatively rare technical skill among the general populace, so you need to incentivize it in some way. That is nowhere near a sufficient argument to prove it's difficult in the sense of it being a rare event. Lots and lots of rewards are given out, which means there are lots and lots of open holes in any given moment.


One of the things that peple forget is that thieves rarely pick the lock to break into a home. Why bother when it’s much easier to break a window to gain entry? Reading the police blotter in the local paper, most burglaries are either forced entry into a garage¹ or entry into a home via an unlocked door or window.

1. The human doors for most garages have cheap framing that’s not that hard to break.


1(a) - or you just use a coat hanger to pull the emergency latch rope.

https://www.youtube.com/watch?v=CMz1tXBVT1s&t=2s


>Your house has trivial security that can be broken in many ways. But it requires someone to be physically present to attack it.

Until someone hooks gpt up to a robot with a lockpick.


That's still physical presence. And TBH, if you have enough robots to make illicit entry scale, you no longer need to bother with such a mundane activity.


GPT bring me everyone's jewelry.


The AI does not hate you, neither does it love you. You are simply made of atoms which can be turned into more jewellery for @flangola7.

(It was either that or a reference to a 4000 year old Phrygian…)




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: