
And we all know such vulnerabilities never happen to respectable frameworks written by real programmers using real languages (read: not PHP), only to people that lack basic clues and are utter fuckwits... oh wait, https://www.pcworld.com/article/251259/user_hacks_github_to_... https://groups.google.com/forum/?fromgroups=#!topic/rubyonra...



I wouldn't really let Rails slide here or call them an exemplar in the subject at hand. They were lazy and paid dearly for it.

A better example would be Django, most server-side Java frameworks, Ruby frameworks like Sinatra and Padrino, most Erlang code I've seen is solid, Haskell users generally know better, etc.


You mean neither of those ever had or will have security issues, because only stupid incompetent developers ever have those? That was pretty much the point of the parent comment.

Meanwhile on planet Earth every popular software package has had some issues. That's natural, security is hard and requires constant vigilance, and people are bound to err or overlook something from time to time.


I'm not suggesting that the other people aren't fuckwits either. TBH Rails is just as bad - it's the same culture of incompetence.



