Did Scott Hanselman have too much cough syrup on show #135?

So this question will get technical – eventually – but first check out Hanselminutes with Atwood (et al.) where Scott basically invites developers to try to hack this site. It’s a hoot. I first thought (out loud of course, because with headphones on you get the best stares from people as you think out loud) “he either just got off a plane without meal service from Hong Kong or was ticketed for driving a Bobcat after too much cough syrup.”

So the question is, if a site like this can survive on one box, does it need multiple firewalls, a DMZ, and an anal ex-banker with a big stick? In other words, do we chase after the grail of security architectures just because THEY tell us to?

Disclaimer: I love Scott Hanselman and am a big fan of his "another layer of abstraction" theory.

Answers


I really enjoyed the podcast, and found it refreshing to hear someone of Jeff's reputation sharing the same business/cost-driven reality that so many of us face. I often find books/podcasts/presentations a little Utopian.

Making it work is still the primary goal. Beautiful code, perfect abstraction, NSA-level security - those are all lofty goals too, but too much focus on those things can drive a project into premature bankruptcy.


Ya, I agree that my paranoia probably got the best of me. I think it's MORE useful to complain about Jeff's lack of a separate dev and staging machine...not sure I have the stomach to push directly out to production. ;)

Seriously, though, forgetting about the hardware aspects of things, I should have talked more about threat modeling. It seems like Jeff's got a pretty good handle on that, however, and is plugging holes as fast as they are found.

