Quoting William Woodruff, Security means securing people where they are, 2024

Being serious about security at scale means meeting users where they are. In practice, this means deciding how to divide a limited pool of engineering resources such that the largest demographic of users benefits from a security initiative. This results in a fundamental bias towards institutional and pre-existing services, since the average user belongs to these institutional services and does not personally particularly care about security. Participants in open source can and should work to counteract this institutional bias, but doing so as a matter of ideological purity undermines our shared security interests.

— William Woodruff, Security means securing people where they are, 2024 (via)

10:21pm on November 19, 2024 from Vancouver, Canada.


uid: ab3b7f66-5c68-4099-8f34-83ef70b61f80
creator: Silas Jelley
primary: references
secondary: quotes
available: 2024-11-19 22:21:32
created: 2024-11-19 22:21:32
updated: 2024-11-19 22:21:32
slug: 2024/11/19/222132
source: {'title': 'Security means securing people where they are', 'creator': 'William Woodruff', 'published': datetime.date(2024, 11, 18), 'url': 'https://blog.yossarian.net/2024/11/18/Security-means-securing-people-where-they-are', 'text': 'Being serious about security at scale means meeting users where they are.\nIn practice, this means deciding how to divide a limited pool of engineering resources such that the largest demographic of users benefits from a security initiative.\nThis results in a fundamental bias towards institutional and pre-existing services, since the average user belongs to these institutional services and does not personally particularly care about security.\nParticipants in open source can and should work to counteract this institutional bias, but doing so as a matter of ideological purity undermines our shared security interests.', 'wordcount': 93, 'html': 'Being serious about security at scale means meeting users where they are.\nIn practice, this means deciding how to divide a limited pool of engineering resources such that the largest demographic of users benefits from a security initiative.\nThis results in a fundamental bias towards institutional and pre-existing services, since the average user belongs to these institutional services and does not personally particularly care about security.\nParticipants in open source can and should work to counteract this institutional bias, but doing so as a matter of ideological purity undermines our shared security interests.\n'}
via: {'url': 'https://simonwillison.net/2024/Nov/19/securing-people-where-they-are/#atom-blogmarks'}
filename: /home/silas/notes/2024/11/19/222132.md
title: William Woodruff, Security means securing people where they are, 2024
interlinks: set()
backlinks: set()
tags: []
wordcount: 0