v21’s avatarv21’s Twitter Archive—№ 76,269

  1. there can be a kind of despairing attitude to the problem of making secure software. but, even though there will always be new stuff popping up, I do think it is possible to do & I think we are transitioning to that world.
    1. …in reply to @v21
      and, the despairing attitude is the reason we don't have it. and the fact that it has to be a collective shift across the whole ecosystem, because you can't solve the whole thing anew with each program you write.
      1. …in reply to @v21
        was thinking about this with that "Trojan Source" thing (trojansource.codes/). which got two reactions: - yes, OK, of course, we know this, this is how Unicode works, duh - and text editors & source repos adding in highlighting and warnings to eliminate the threat in practice
        1. …in reply to @v21
          if someone had pointed this out a decade ago (and I assume someone did), it feels like the response would've been "OK, but what can you do about it? it's impossible to stop". attitudes change.