The drop is always movingYou know that saying about standing on the shoulders of giants? Drupal is standing on a huge pile of midgetsAll content management systems suck, Drupal just happens to suck less.Popular open source software is more secure than unpopular open source software, because insecure software becomes unpopular fast. [That doesn't happen for proprietary software.]Drupal makes sandwiches happen.There is a module for that

The brutal truth about security

Submitted by nk on Tue, 2015-02-03 02:00

I have cared a lot, even too much about designing secure APIs for Drupal. To create a software which made it easy to write secure custom code and hard to write insecure. I placed this in front of other concerns including developer and user experience. Sounds nice, isn't it? But in truth, I was trying to tend a garden in the nuclear winter. By and large the Internet is so insecure that making it slightly easier to write more secure code is a trifling concern. It is enough that Drupal is not a house of cards of security wise and indeed it is not. Let other concerns win over security in API design. I was wrong. And I am out.

Commenting on this Story is closed.