• HairHeel@programming.dev
    link
    fedilink
    English
    arrow-up
    26
    ·
    1 year ago

    This is one of the things I talk about when people ask what the difference is between junior and senior developers.

    A lot of security is just box-checking. A lot of it is hypothetical and relies on attackers exploiting a chain of multiple bugs that they probably won’t ever find…. But you still gotta fix it.

    There’s no point in being so proud of your code and dismissing security concerns because you’re arrogant enough to think it can’t happen to you. Just learn to fix it and move on with your life.