1 comment

[ 2.7 ms ] story [ 11.2 ms ] thread
“You are also much more vulnerable to security incidents (and need to spend a significant amount of time chasing updates”

I can’t help but read this as “your security vulnerabilities are much more likely to be caught”. There are no CVE’s for private code, but maybe that’s a bad thing?

If you introduce a remote code execution vulnerability, no one will tell you (perhaps)