As a long time Have I Been Pwned fan, I like to keep up with what Troy Hunt is saying about security. In this post, he makes the argument that publicly shaming bad corporate security is a net positive. This kind of direct public pressure, either from journalists, security researchers, or anyone with social reach, […]
Troy Hunt is done with IRL analogies being forced onto digital concepts. But maybe the problem isn’t the analogies, but the expectations we put on them. Analogies can be useful, but only if we acknowledge their limits while using them.
Troy Hunt put together a piece outlining some more subdued thoughts on the Cloudflare security bug. It certainly doesn’t underplay the severity, but also avoids sensationalism. It’s a great piece to put the security concerns into perspective, and actually looks at the risk it truly poses.