Ask HN: If security is so important, why do we make it so hard?

4 points by was_boring ↗ HN
I think we can all agree that server security is important, and general security like protection from man in the middle attacks.

So why do we make it so hard? Why hasn't anyone taken up the mantel to automate even the basics like securing common server setups? Like letsencrypt did for ssl certificates.

1 comment

[ 4.1 ms ] story [ 14.1 ms ] thread
There are so many vectors that it's hard to get customers excited about significantly paying more to close just one security door (such as sloppy or uninformed server setup.) Which doesn't mean this won't happen necessarily, just that I'm not counting on it happening soon.