undefined | Better HN

0 pointsmynameisvlad2y ago0 comments

I’m sorry did we read the same write-up?

Like I get cynicism, but they very clearly explained the lead-up to the accounts being compromised and the mistakes that caused that. They took full accountability of it. Which is frankly more than most companies dealing with security incidents. This entire write-up is more than most companies obligations or responses.

0 comments

michaelt2y ago

> This entire write-up is more than most companies obligations or responses.

The thing is: What standard of security would you expect of someone who was decrypting 1/3rd of your internet traffic?

I would say "better than most companies" is too low a bar. Hell, I'm not sure any organisation could be secure enough to be trusted with that.

j / k navigate · click thread line to collapse

0 pointsmynameisvlad2y ago0 comments

I’m sorry did we read the same write-up?

0 comments

michaelt2y ago

> This entire write-up is more than most companies obligations or responses.

The thing is: What standard of security would you expect of someone who was decrypting 1/3rd of your internet traffic?

I would say "better than most companies" is too low a bar. Hell, I'm not sure any organisation could be secure enough to be trusted with that.

j / k navigate · click thread line to collapse