Anything related to security should fail safe. Failure is not lack of rigour, it... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

underwater on Nov 10, 2022 | parent | context | favorite | on: Accidental Google Pixel Lock Screen Bypass

Anything related to security should fail safe.

Failure is not lack of rigour, it's from fundamentally flawed architecture.

jwr on Nov 14, 2022 [–]

This begs for the famous quote:

"When a fail-safe system fails, it fails by failing to fail-safe." (from the wonderful "Systemantics").

Yes, one should definitely try to fail safe. But managing your states and state transitions explicitly and carefully is a good way to avoid these kinds of bugs.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact