"the term "hack" has a lot of other less nefarious meanings, and using
it to describe unwanted or criminal activity casts the entire hacker
community in a negative light."
Just want to add my support for this important statement. Thanks for
saying stating this so well Jeremy!
-Katie
On 2025-09-28 11:15, Jeremy Stanley wrote:
On 2025-09-28 09:05:15 +0530 (+0530), Amit wrote:
[...]
But still, the main point is that can someone give an example of how a
software made up of all secure functions be hacked? I request for an
example (not theoretical statements).
Or, some example that happened in the past in the real world? I will
analyze that.
[...]
As an aside, the term "hack" has a lot of other less nefarious
meanings, and using it to describe unwanted or criminal activity casts
the entire hacker community in a negative light.
I think you still have tunnel vision, imagining that "hacking" software
can only mean attacking flaws in the way it was coded. When I say most
of the security flaws I deal with stem from poor design choices rather
than insecure coding practices, I really mean it. I'm one of the
vulnerability managers for the OpenStack project, and skimming over all
the recent entries at the top of
https://security.openstack.org/ossalist.html they basically all fit
that description.
It's comparatively easy to avoid or catch insecure coding patterns that
could lead to vulnerabilities, it's much harder to design complex
software securely.
