re: What is a type of "overconfidence" you have observed in developers?


Most of the overconfidence I've seen is related to security and encryption and usually due to ignorance. Devs tend to think their site is unhackable until it's hacked.



I didn't learn much about security and distributed systems at university, but the one thing I learned was "it's harder than you think, so consult a professional!" xD


Golly I can't imagine thinking my site was unhackable. Making open source was definitely in part out of paranoia that the longer we remained closed-source, the more hackable we became. 😳


To be fair, making a site open source would and could shed light on more ways to hack it but at the same time, it allows more people to spot vulnerabilities and contribute to making it more secure.

Like someone once said, if you don't follow Kerckhoffs's principle you may delude yourself into thinking you have something secure when in fact it's not.
