Comment by sophacles

Comment by sophacles 6 days ago

2 replies

View on Hacker News

> Why would one task run in a drastically different architectural situation

Someone made a mistake. These things happen.

> and it happen to be the one exploited?

Why would the vulnerable service be the service that is exploited? It seems to me that's a far more likely scenario than the non-vulnerable service being exploited... no?

bigiain 6 days ago

> > Why would one task run in a drastically different architectural situation

> Someone made a mistake. These things happen.

Some company didn't have appropriate processes in place.

For ISO27001 certification you at least need to pay lip service to having documents and policies about how you deploy secure platforms. (As annoying as ISO certification is, it does at least try to ensure you have thought about andedocumented stuff like this.)

Reply View 1 reply
  • sophacles 5 days ago

    Ah yes processes.... things done by humans. When stuff is done by humans, mistakes happen - no matter what the process is. Go do a search for the phrase "wondering how this could happen" and find millions of news articles about mistakes happening despite processes being in place!

    Reply View 0 replies