> You can’t just have a database admin,” Pandey explained. “A database is now 500 components. So you need your [site reliability engineer] organizations and your DevOps organizations to be aligned to that.”

LOL, what? Maybe for the cloud provider... but what’s presented to the end-customer is most certainly not 500 components.

I mean, they claim you can't just have a database admin. Let's be clear, you can just have a database admin. (For nearly all values of "you")

Yes, and even two or three, not to put all your eggs in the same basket...

Lots of Microsoft quantum posts all at once omiossec!

Probably because it’s unresolved 5 years later

What’s your alternative high-level advice then?

For generalist developers who have to get things done: learn at least a little about the major classes of security vulnerabilities that impact your development environment, and select libraries designed to mitigate them.

For students: learn a lot about the most important classes of security vulnerabilities, of which memory corruption is one important example but just one, and then take the time to learn how to exploit at least simple variants of all of them in a realistic setting, to cultivate the mindset needed to think critically about software security.

Don't write anything in C. Sure. But really almost nobody does that anymore anyways.

Is that per non-disclosure event?

Lots of hyperbole there. Ring doorbells aren’t cheap and I pay for the subscription plan (fairly limited without it). It generates revenue on the subscription not the data.

I dont doubt they make money from subscriptions, but they have been reported as giving discounts/free Ring products to residents that choose to share.

https://www.theatlantic.com/technology/archive/2019/06/polic...

Loup is right. No need to be super defensive.... Your initial post reads very wrong. I also was very surprised. It would help if you clarified

I'm not feeling defensive so much as aware that I'm talking to someone whose goal isn't to understand what I was trying to say, and I'm not especially interested in trying to clarify to them.

Look, I know you and I have some history. But I assure you, I'm genuinely trying to understand.

Besides, it's not just about us: other people, (including @carty76ers apparently) would like to know what you would advise instead of "please validate all inputs".

This is a weird and kind of creepy message. I'm reacting to the comments you wrote on this thread, not some personal history you think we have. You keep writing things like "surely this is not what you mean" (and, of course, it isn't) and then continue to argue against the argument you imagine I must not? or must be? making. This doesn't seem productive and I'm not interested in continuing. Sorry.

Sorry, that was uncalled for. I guess that for you, it was Tuesday.

The reason I kept guessing, was because you kept not telling. Until then: https://news.ycombinator.com/item?id=21719065

Finally something I can argue with.

Why? I don’t trust F and G but the others are better than M to me.. Netflix has produced tons of widely used open source products for example...

This brought a little joy to my evening. What a clever, creative idea with an equally emotionally-palatable name! Love it

Geez... This is a worse outcome than even the cynicals predicted.