I was unaware of this act before reading this, but I kinda like it. My current employer wants to do the absolute minimum in securing the software they develop. However, it's used in organizations working on national energy and communications infrastructure, so it's somewhat important for it to be secure.

Meanwhile, we're way behind on updating much of our infrastructure and hardly ever check whether any of the open source libraries we use are up-to-date, nor whether they're reliable. I really hope this legislation pushes companies like mine to improve their software development practices, because I'm scared of the future.


I am scared of the situation where the paperwork is done and the money is spent to do it, but it all stays on paper without any actual security improvements. Using your example: the internal auditor would write something like: "It was verified that the open source libraries that we use are of the latest compatible versions and do not have any crashes recorded in our system" without actually checking anything.

In other words, an array of mini-dieselgates.

Which sounds like an improvement over a total lack of regulations where these dieselgates would be legal.

Hardly. It might give people a totally unjustifiable sense of security.
