> For what it's worth, I read an article about how "the bad guys are always one step ahead" when it comes to hacking in general and I have to laugh. That's never the > case. Hacks are - generally - defects in software that someone guesses at or finds. Such is the nature of almost every hack. People need to stop writing shitty
> software. I'm not defending RobDarken - he's a douchebag...
If there's one thing that anyone who understands 'cybersecurity' knows, it's that there is NO security, none whatsoever.
Software is hard and we still haven't figured out how to do it properly. Some may point to functional languages, or managed
languages or whatever, but these (besides the fact that they're not widely used and even if so, still rely/sit-on-top of languages
that promote insecure code e.g. C,C++ or operating systems written in those languages) are all little details that do not matter
in the grand scheme of things, cause security is a chain as weak as its weakest link, and the weakest link is almost always the
human factor.
People can't stop writing shitty software because we haven't figured out the way to do so and attackers will ALWAYS be ahead,
by definition, because it's defenders that always have to react. Or, to paraphrase HEAT (great movie):
An attacker can hit and miss.
A defender can not afford to miss once.
Game over.