On 2025-09-28 09:05:15 +0530 (+0530), Amit wrote: [...]
But still, the main point is: can someone give an example of how software made up of all secure functions can be hacked? I request an example (not theoretical statements). Or some example that happened in the past in the real world? I will analyze that.
[...] As an aside, the term "hack" has a lot of other less nefarious meanings, and using it to describe unwanted or criminal activity casts the entire hacker community in a negative light.
I think you still have tunnel vision, imagining that "hacking" software can only mean attacking flaws in the way it was coded. When I say most of the security flaws I deal with stem from poor design choices rather than insecure coding practices, I really mean it. I'm one of the vulnerability managers for the OpenStack project, and skimming over all the recent entries at the top of https://security.openstack.org/ossalist.html they basically all fit that description.
It's comparatively easy to avoid or catch insecure coding patterns that could lead to vulnerabilities; it's much harder to design complex software securely.
-- Jeremy Stanley
