Comment Re:Well that was 7 minutes I won't get back (Score 1) 156
The underlying platforms and infrastructures we develop on top of should take care of [ensuring security], and leave us free to innovate and create the next insanely great thing.
The other major factor in why things are so bad is that we don't care, evidently. If developers refused to develop on operating systems or languages that didn't supply unattackable foundations, companies such as Apple and Microsoft (and communities such as the Linux kernel devs) would get the message in short order.
This article is missing even a gesture towards explaining why "the infrastructure" should be responsible for security while developers create their masterpeices, and boils down to mere whining: "Security isn't fun so someone else should do it for me!" Perhaps the worst part is that there is a good argument to be made that the OS and hardware should take of security, and a fundamental limit to how much security they can offer; the blog author just doesn't make it. Having the OS plug a given security hole once is more efficient than having each application duplicate the effort of plugging the hole. On the other hand, security is necessarily a trade-off for functionality, so the only fully secure application is one with no permission to do anything.