
> After that I as a consultant get access to the network and apart from some test that a developer stood up nothing matches the glossy talk.

Or in my case recently... someone has generated a root certificate for the internal CA that uses an insecure crypto scheme, and Chrome still throws up a security error requiring users to click past the warnings to access the site.

"Can you generate and roll out a new cert please? This isn't really 'security'?"

"Oh we will get to it, can you just use the one you already have?"



> "Oh we will get to it, can you just use the one you already have?"

Cue 2 years going by. Same situation, except that the certificate has been regenerated with the same insecure crypto scheme.



