
I assume cloud providers have hundreds of security issues that are found internally over the course of a year. Requiring reporting would certainly be a step forward and testing in production for software would maybe be seen as what it is, an engineering anomaly and failure to perform due diligence.



That’s fair. I suppose I would aim for a distinction between minor and major flaws. What would be a reasonable threshold?


You are going to be off by at least an order of magnitude. You'd see multiple reports per day for a diligent company.



