We built out the web before software security was even in its infancy. The Web was almost ten years old before McGraw/Viega, Howard/Leblanc, and van Wyk/Graff's ideas started to take hold in the industry, plus we built out the whole web without an identity layer. And now we are eating the bitter back end of all these things
On the flip side, most of your stuff is not connected, we each own about 8,000 things, but only 5 of them are connected to the web. That is a big margin of safety for the offline world, but it is shrinking every day.
Now we are starting to see projects like this
“Goal: connect everything
step 1: connect rabbits
step 2: connect everything else”
So I guess my question is - are we going to connect the next 7,995 things that we each own to the web using the same old, same old - proliferating more poor security design? Or alternatively how do we SAML enable the rabbit in step 1?
Comments