Comment on ICEBlock handled my vulnerability report in the worst possible way
Bane_Killgrind@lemmy.dbzer0.com 16 hours agoWouldn’t need so much regulation if things were just well reasoned and fit for purpose. Or if they would stop only pretending to be those.
x1gma@lemmy.world 8 hours ago
No matter how well reasoned, allegedly fit for purpose or how much something pretends to be it, we shouldn’t be trusting those promises, especially not from people we don’t know. That does not end well neither for the free candy van nor for cybersecurity. Trust like that has been responsible for a lot of attacks over varying vectors and for projects going wrong.
Bane_Killgrind@lemmy.dbzer0.com 6 hours ago
Well yeah, that just requires a consensus on what is trustworthy. There are some things that are trustworthy, and you need to have some way to identify that, if you are going to protect yourself.
But that just shifts the blame to the user, who is a non expert, and we don’t really have good ways to identify safe software products. There’s stuff like CSA for physical products. It’s short-sighted to say “well if you don’t know, use nothing”, because that’s not going to happen.