Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The reality I know is that the people who wrote their apps on Windows XP left the company some years ago, but the apps live on: perfectly functioning, but unable to make requests via anything more secure than TLS1.0 and forcing other people to run servers that continue to accept TLS1.0 years after it was deprecated by everyone else.

https://blog.pcisecuritystandards.org/migrating-from-ssl-and...

(That's the PCI announcement in 2015 that despite everyone knowing about problems with TLS1.0, they would continue to allow it through 2018 because of all the companies who deferred their technical debt in the manner you seem to be advocating.)



That happened to me. All I had to do is patch windows server. I didn't have to change or even recompile my code.

I know is hard to believe it's that simple, but it is.


So all you had to do was:

1. Know what to do.

2. Have approval to do it.

3. Do it.

... which is to say, maintenance. The fact that maintenance is simple and/or easy doesn't mean it happens by itself.


> The fact that maintenance is simple and/or easy doesn't mean it happens by itself.

Yes, there will always be _some_ maintenance. The point is it should be as simple and easy as possible.


I'm telling you that the entire infrastructure of the world is held back by companies who don't do simple maintenance, and your response is to tell me it should be easy to do maintenance.

Someone isn't getting the point, and I don't think I can make it any clearer.


Or is your point that we're held back by people who don't do simple maintenance, and trying to make maintenance simpler, while it might help, won't solve 100% of the problem.


Are you saying it's better if maintenance requires a lot of work, to encourage people to do more maintenance?

If we made things harder to upgrade would that encourage more people to upgrade?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: