• 0 Posts
  • 6 Comments
Joined 9 months ago
cake
Cake day: February 13th, 2024

help-circle


  • I should have elaborated on it a bit more, my bad.

    While it’s true that DDoS is more of an active technology rather than a CYA thing. It does however also act as insurance when it comes to the “blame game”: if your site goes down it’s not your fault but the provider’s fault, meaning you might be able to recoup lost profits through a lawsuit.

    Of course the only way to avoid this for the provider is to provide better and stronger systems, which normally would grow homogenous through more customers and/or growing fees for all customers, which would pay for better capacity and stronger protection by itself.

    However here we have a client that is a high value target that others might want to take down at all costs. Even if they didn’t sue, a strong enough attack might, alongside naturally expected DDoS on other clients, not only take down this customer’s server, but others as well, which really isn’t something you want, for the reasons stated above. And rapidly increasing security could be not worth it, as it could devolve into an arms race by proxy with a high risk of the customer leaving if you raise their fees to much, leaving you with a system which’s maintenance will now dig into your profits due to a lost big income stream, or make other customers leave if you raise the general fee.



  • I think the main problem is that people try to shoehorn OOP mechanics into everything, leading to code that is hard to understand. Not to mention that this is basically encouraged by companies as well, to look “futuristic”. A great example of this approach going horribly wrong is FizzBuzz Enterprise Edition.

    OOP can be great to abstract complex concepts into a more human readable format, especially when it comes to states. But overall it should be used rarely, as it creates a giant code overhead, and only as far as actually needed.


  • And insurances provide monetary compensation until you become a common liability, too high to be covered by any sort of fee. DDOS protection is just the same. It’s only feasible if it happens rarely, like they usually happen. However if it’s a common occurrence it will just eat up the profits made by the fees and then some, which just is stupid to do in any case.