This is still a huge threat, because their “mitigations” are a joke. The only possible way this can be an acceptable feature is if it is built from the ground up with security as the primary concern. You can’t “tack on” security at the end and get a secure product.
If security was in any way a consideration, there is no path to shipping anything where the database is unencrypted at any point. Not in an insider build. Not as a tech demo. Nothing.
I mean, no, that’s dogmatic weirdness. The feature is secure if the feature that is live is secure. Software isn’t magic, it doesn’t have karma, it works the way it works.
Now, this is as secure as whatever they ship, but even assuming it’s ironclad it’s still a bad feature. You do not need an automatic screengrabber to remember what you did yesterday. Every piece of work software you may need to reopen has a recent files list, Windows has a file search function, browsers have a history. You have a brain. You don’t lose track of so much stuff that you need to be recording your entire activity just in case. This is a bad gimmick that covers no use case, just like Timeline was. And because it’s a bad useless feature the logical thing is to turn it off and forget about it, which is why everybody seems to have memory holed that Timeline ever existed.
You guys really don’t need to get weird about it for it to be a bad idea, but since they’re railroaded into shipping it, at least it’s better to ship it with proper encryption and authorization features. Still turn it off, though.
The feature that is live cannot possibly be secure. That’s the entire point.
If you do not design every element that interacts with user data very consciously and deliberately around controlling access properly, you cannot get a result that is not massively vulnerable to bad actors. Security is a core design principle. It cannot possibly be achieved after the fact.
It’s insane technology illiteracy like this that’s the reason that security is such a shitshow across the world and allows tech companies to just ignore the bare minimum effort. Tech CEOs should be criminally liable when gross negligence like this results in meaningful breaches to consumers.
Sloppily patching the giant hole in your stone wall doesn’t make it hold water when there are 500 other cracks and smaller holes. If you didn’t consider “don’t have big holes” a feature that justified spending money on bricks at the start, you’re never going to get an end result that does the job.
This is hilarious for life context reasons that I’m not gonna disclose here.
But good one. I swear, this place sometimes is Dunning-Kruger headquarters. Gotta decide if “this place” means “the whole Internet” or not, one of these days.
This is still a huge threat, because their “mitigations” are a joke. The only possible way this can be an acceptable feature is if it is built from the ground up with security as the primary concern. You can’t “tack on” security at the end and get a secure product.
If security was in any way a consideration, there is no path to shipping anything where the database is unencrypted at any point. Not in an insider build. Not as a tech demo. Nothing.
I mean, no, that’s dogmatic weirdness. The feature is secure if the feature that is live is secure. Software isn’t magic, it doesn’t have karma, it works the way it works.
Now, this is as secure as whatever they ship, but even assuming it’s ironclad it’s still a bad feature. You do not need an automatic screengrabber to remember what you did yesterday. Every piece of work software you may need to reopen has a recent files list, Windows has a file search function, browsers have a history. You have a brain. You don’t lose track of so much stuff that you need to be recording your entire activity just in case. This is a bad gimmick that covers no use case, just like Timeline was. And because it’s a bad useless feature the logical thing is to turn it off and forget about it, which is why everybody seems to have memory holed that Timeline ever existed.
You guys really don’t need to get weird about it for it to be a bad idea, but since they’re railroaded into shipping it, at least it’s better to ship it with proper encryption and authorization features. Still turn it off, though.
The feature that is live cannot possibly be secure. That’s the entire point.
If you do not design every element that interacts with user data very consciously and deliberately around controlling access properly, you cannot get a result that is not massively vulnerable to bad actors. Security is a core design principle. It cannot possibly be achieved after the fact.
Yeeeah, I’m thinking this conversation isn’t worth pursuing. My point is already up there.
It’s insane technology illiteracy like this that’s the reason that security is such a shitshow across the world and allows tech companies to just ignore the bare minimum effort. Tech CEOs should be criminally liable when gross negligence like this results in meaningful breaches to consumers.
Sloppily patching the giant hole in your stone wall doesn’t make it hold water when there are 500 other cracks and smaller holes. If you didn’t consider “don’t have big holes” a feature that justified spending money on bricks at the start, you’re never going to get an end result that does the job.
This is hilarious for life context reasons that I’m not gonna disclose here.
But good one. I swear, this place sometimes is Dunning-Kruger headquarters. Gotta decide if “this place” means “the whole Internet” or not, one of these days.