• sugar_in_your_tea
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    1
    ·
    8 months ago

    The problem isn’t with testing (which is an issue), but standardization on specific solutions. When everyone needs to use the same thing, it’s a lot more valuable to attack it.

    So what we need is more alternatives that work together.

    I don’t know anything about the trucking industry, so I’ll use IT instead. A lot of companies standardize on Cisco equipment, so when there’s a breach, everyone is screwed. The problem isn’t that Cisco is insecure, it’s that Cisco is ubiquitous, so one breach screws over everyone. If networking equipment was more a la carte, it’s unlikely a breach would impact all of the equipment used (e.g. a Mikrotik Router, Mikrotik Switch, Ubiquiti Access Points, etc). But bundling solutions is the name of the game for these large operations, which increases the fallout from a breach.

    That’s why Windows gets so many viruses, it’s not because Windows sucks (it does), it’s because it’s such a huge target and you’ll get so much more value from attacking it than attacking a potentially easier target.