this post was submitted on 19 Mar 2024
47 points (98.0% liked)
Programming
17668 readers
182 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It's a bit more complicated when security is involved. I deleted that post because it didn't seem responsive enough to OP's question but basically there is a big difference between stuff going wrong randomly (Murphy's law) and smart determined adversaries trying to mess with you on purpose. Testing helps more with the former.
Sure — security is one area where you do need to be a specialist.
I'd say it's the exception that proves the rule though. Don't write your own encryption algorithms, don't invent new auth flows, do hire third parties to audit and test your security systems, etc etc. If you want to specialise in something like security, then yeah that's something you should study. But at the same time - every programmer should have general knowledge in that area. Enough to know when it's OK to write your own security code and when you need to be outsourcing it.