Hacker News new | past | comments | ask | show | jobs | submit login

I used GitHub and I'm not moving my stuff off. If an app gets hacked, then not long after, that app will likely be the most secure place. GitHub at least keeps it up most of the time. Who you really should be mad at are the Rails maintainers and the RoR community. I switched from Java to Ruby a few years back, and since day one, everyone using Rails has been slack on security. The reason is that they make things too easy to leave wide open. Don't believe me? Read the Rails official documentation for starting off. It is all about ease of use, not security. If you are new, you have no idea what you've really left open even when you just generate a scaffold as they show you to do. The main thing that Rails security has going for it is that the adoption of Rails is still relatively low, and because a newbie isn't likely to scale their app well, odds are you won't have an extremely popular, extremely performant Rails app that is just asking to be hacked that easily.



Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: