people often forget the real first rule of programming: "All user input is malicious."

  • 11
    All users are malicious, and all fools are clever
  • 5
    Because that's not how you build a functional demo. A functional demo is optimistic, and so is a manager so companies often deploy functional demos to production.
  • 1
    @Plasticnova the extended version isn't really needed as if all users are malicious they're clearly not fools, but you're technically correct, yes
  • 1
    @Lor-inc this is also why businesses are constantly being beaned.
  • 3
    @Parzi you can be a malicious fool, they aren’t mutually exclusive. Plenty of dumb criminals out there lol
  • 2
    @Plasticnova that's fair
  • 1
    A counterpart to this is Hanlon's razor. And while on an emotional level I also often feel this is the, the non-reptilian part of me realises there is a bit of cognitive bias at play.
  • 1
    @Lor-inc I would like to say "no more demo then", but that would mean dealing with huge change requests after stuff is polished...
  • 2
    I personally think that there's a big difference between "all user input is malicious" and "never trust user input*.
  • 1
    so source-code is malicious
  • 0
    @linuxxx well if all users are malicious you'd check for modified files and shit too
  • 1
    @351483773 can be, if your compiler sucks.
Add Comment