As for the main point of Mikko's post, I have never understood why so many folks in the netsec industry are arrogantly pessimistic about the innovation of others. I found Flame jaw-droppingly amazing.
Security folks often lack development experience, specifically in products that ship, to appreciate the big picture. This is why certain people on HN were so fixated on a lack of code obfuscation to give credit to the massive QA effort behind making all of stuxnet work on such a complex target.
I say this as a security person who has previously done dev on product teams.
Security folks often lack development experience, specifically in products that ship, to appreciate the big picture. This is why certain people on HN were so fixated on a lack of code obfuscation to give credit to the massive QA effort behind making all of stuxnet work on such a complex target.
I say this as a security person who has previously done dev on product teams.