
282 points bundie | 1 comments
yodon ◴[] No.44382371[source]
Pretty sure auth is not something I want a self-taught dev (or even most CS-graduate devs) writing.

OAuth2, JWTs, hashes, timestamps, validations, and such, are all totally simple until they're not. The black hats have way more experience and way more time invested in this space than most any normal dev.

pinkmuffinere ◴[] No.44382664[source]
> The black hats have way more experience and way more time invested in this space than most any normal dev.

Surely the black hats you refer to are themselves self-taught? They didn't find a school that would teach them about crime, right? In that case it seems like self-taught can be good enough.

1. slt2021 ◴[] No.44384288[source]
if blackhat is wrong nobody will hear about it

if software dev/blue team is wrong, it leaves a giant gaping hole in the system open for anyone to exploit 24/7