Hacker News new | past | comments | ask | show | jobs | submit login

That’s like saying it’s best to run everything on AWS, because there’s only one place to monitor for outages.

That’s the exact opposite of how supply chain mitigation works.




It's not at all like saying that.

If you want to mitigate downtime in your supply chain then diversity is good. If you want to mitigate security vulnerability then it's bad.

Imagine you have 100 api servers that all have database credentials. If one server goes down you have 99 working servers (ideally). If one is compromised then the attacker has your database credentials, game over.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: