Did Scott Hanselman have too much cough syrup on show #135?
So this question will get technical – eventually – but first check out Hanselminutes with Atwood (et. al.) where Scott basically invites developers to try to hack this site. It’s a hoot. I first thought (out loud of course, because with headphones on you get the best stares from people as you think out loud) “he either just got off a plane without meal service from Hong Kong or was ticketed for driving a Bobcat after too much cough syrup.”
So the question is, if a site like this can survive on one box, does it need multiple firewalls, a DMZ, and an anal ex-banker with a big stick? In other words, do we chase after the grail of security architectures just because THEY tell us to?
Disclaimer: I love Scott Hanselman and am a big fan of his another layer of abstraction theory.
I really enjoyed the podcast, and found it refreshing to hear someone of Jeff's reputation sharing the same business/cost driven reality that so many of us face. I often find books/podcasts/presentations a little Utopian.
Making it work is still the primary goal. Beautiful code, perfect abstraction, NSA level security - those are all lofty goals too, but too much focus on those things can drive a project into premature bankruptcy.
Ya, I agree that my paranoia probably got the best of me. I think it's MORE useful to complain about Jeff's lack of a separate dev and staging machine...not sure I have the stomach to push directly out to production. ;)
Seriously, though, forgetting about the hardware aspects of things, I should have talked more about threat modeling. It seems like Jeff's got a pretty good handle on that, however, and is plugging holes as fast as they are found.
Well, it's not as though this site hasn't been cracked. So yes, it's probably worthwhile to chase better security.
The other, non-security related problem with running the site on one big box is the lack of redundancy. There are any number of single points of failure, both in the single server and that everything is in one data center.
I'll assume that the service provider has hot spares ready to swap in for their customers, and multiple internet connections, but still...
It is possible that Scott Hanselman/a will also chime in, as he also uses the site.