As delicious as the ongoing Parler hack is, it's also a good case study on how (not) to do service security.

The mistakes/oversights that enabled this breach are pretty basic ones that any experienced operations/security engineer should have been able to handle. But they might not be obvious to developers or engineers who don't work in that field.

The corollary to this is: don't make engineers with no proven experience with security responsible for securing your platform 😛

Personal instance for @gid.