Ask HN: is it possible to build large scale systems that are secure?

5 points by hoodoof ↗ HN
The huge number of hacks recently seems to be pointing to the possibility that it is not practical to build truly secure systems, especially at any sort of scale.

There must be massive opportunities for entrepreneurs who can address parts of this problem.

5 comments

[ 4.9 ms ] story [ 24.3 ms ] thread
I think it is, but I think security has to be architected into the system from the beginning, and you have to be willing to pay the price in flexibility and development time that that introduces. It's not really something solvable by entrepreneurs, other than security consultants (which is a booming but not all that scalable business).

Building secure software means that you have to think carefully at all levels about precisely what inputs may enter your software, and gracefully reject anything that you're not prepared to handle. The flip side is that you can't easily readjust your software when business needs change, because you've built your system to avoid unintended consequences and everything has to be specified out in careful detail.

The reason systems aren't secure isn't because they can't be - some very secure systems were built way back in the 60s (eg. Multics). It's because it's not economic for them to be. Insecurity is a conscious design decision, and for many markets, it's the right choice.

So, BDUF?
Sorta. You don't need to plan out the whole application in advance. You do need to plan out each component and feature in your application in advance, and follow a very disciplined coding style when implementing it.
false. don't hire incompetent coders who don't know what they are doing. Security is easy, don't assume any input is safe, clean and verify before doing anything with it. Be aware of security issues and best practices. Ah yeah, don't let untrusted people access your db.
I think a lot of it is short development times and/or lack of code maintenance.