this post was submitted on 09 Dec 2023
628 points (99.1% liked)
Programmer Humor
32453 readers
666 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Thin line between giving useful error messages and more attack surface.
If your code gives attack surface by information about what went wrong maybe you should not even deploy anything. If your code needs to be secret to be secure your code is anything but secure.
Not code but internet. A often seen error is letting Appache/Nginx display their name & version in 403/404 pages. First step in planning an attack.