63
Why Bloat Is Still Software’s Biggest Vulnerability
(spectrum.ieee.org)
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Follow the wormhole through a path of communities !webdev@programming.dev
It takes time to implement features. Execs and managers don't want to implement the wheel and developer time costs a lot more money than security vulns.
On the other hand, reinventing the wheel isn't really great, either.
Part of the reason for bloat is the fact that frameworks and libraries became huge, a basic Spring Boot webserver is already gigantic.
@agressivelyPassive
> Part of the reason for bloat is the fact that frameworks and libraries became huge
Absolutely. What I find funny is that the inverse is kinda true, too. Tiny dependencies (as seen in the Javascript world) are also to blame. They’re so small, I’ve noticed some devs say “well it’s so small, what’s the harm of one more?”. Bloat by a thousand deps.
@programming
IMO, some things will require obligatory security checks. They will have to be legally binding too. Then businesses might be forced to care.
Without any consequences, nobody will care until something happens.
CC BY-NC-SA 4.0