To update blobs or not to update blobs
codon.org.uk11 points by trelane 4 days ago
11 points by trelane 4 days ago
I think this comes from this Mastodon thread, https://snac.lx.oliva.nom.br/lxo/p/1771789687.181567
After reading that thread I immediately though - Why is there always that guy yelling "But the extreme case doesn't hold, therefore it's invalid"
They just come off as an uninformed troll - the truth is it is very rare in life that any single thing meets the perfect solution.
The best anyone can do is make an effort to move toward that goal whilst we look for better solutions AND we move away from solutions that are definitely not working in the direction of better solutions.
In this case, we know for a fact that obscurity is a weaker and worse solution to open and honest security postures (for the most part), and the fact that we have the /opportunity/ to inspect things is infinitely better than not having that choice at all.