undefined | Better HN

0 pointsthrowaway227411y ago0 comments

> Professional auditing and security testing should be necessary for any piece of software from which it's possible to drain large sums of money, regardless of who's running the software or holding the money. In fact, I'd argue anything less constitutes an ethical breach on the part of the lead engineer(s).

Would you include web browsers, OSs, system libraries and such in that definition? All those can steal users money if compromised. If so, who do you suggest be responsible for that in an open source project?

0 comments

nmrm11y ago

> All those can steal users money if compromised.

Not in a vacuum; they have to be deployed in a setting where that's possible.

> Would you include web browsers, OSs, system libraries and such in that definition?

It's sort-of a moot point, because the major products in all of these areas are routinely analyzed from a security perspective. Apple and Microsoft both spend a lot of money on security, and security researchers spend lots of time and effort auditing linux.

> If so, who do you suggest be responsible for that in an open source project?

The organization deploying the software in a security-critical setting should follow best practices when selecting and maintaining components.

There's a significant difference between engineering failures that happen even when you've followed best practices, and very preventable engineering failures that happen only because you've not followed best practices. Just because perfect security isn't possible doesn't mean we should give up entirely and not even both sanitizing input, for instance.

Additionally, OS vendors should not encourage users to use their software in security-critical settings unless the vendor is following best practices w.r.t. security. This is where I could see some bitcoin projects getting into trouble.

j / k navigate · click thread line to collapse