Posted on October 30, 2017
Dumbing down every IT solution is dumb
Every day we see a growing push to make everything easy in the IT world.
Every “make your own website”, every “make a high-performance application with only a YAML file” smells bad to me.
When you are building an IT product where lots of things are involved and you sometimes think that putting a Docker Swarm in your application stack could solve every problem, maybe this is not the right way to face all the problems.
I think that we, as IT world builders, have to stop saying “it is easy”, because most of the time it is not.
We have to start embracing the complexity of our products and stop trying to oversimplify everything at the expense of our users.
One example of this trend to oversimplify is when a webmaster does not implement best practices for password storage, and the best excuse is: “this is only my website, it isn’t a high-profile target”.
Yes, I know, your website has fewer than 50 users and so on and so forth.
This isn’t a valid reason to avoid implementing proper software for storing users’ passwords, because users are lazy and they mostly use the same password everywhere.
I can hear you complaining: “you have to use a strong password and not reuse it” and so on…
This is a best practice, but a user is not a security expert. You have to improve and implement better solutions; it is not a valid excuse that users are wrong to use the same password for their bank account and for a small website that hosts recipes. It’s your duty to protect the user.
This is the real world: you cannot ignore these issues and pretend that the world is built on top of best practices and security experts.
Thanks guys, see you next time.