Hacking Question Who screwed up? (Switch security)

[PuNKeMoN]

You do realize that even if it's one, or two people, it falls on the company right? As a collective, Nvidia failed to find this security hole. They've got a whole entire department dedicated to this stuff. Yes, mistakes happen. Doesn't mean no one is at fault. It's an asinine comment to make.

I didn't say that NO ONE was at fault. Don't twist my words. And no, it would be the security team who failed, not other sections of the company. Therefore not the whole company. Would you blame secretaries and janitors for something they clearly had no part of? Blaming the entire staff is what you're doing and that's what is asinine.

 

[Naminave]

I think it's the fault of those who are dedicated to finding vulnerabilities, because if it had never been revealed, we would never know how unstable the system is. NVIDIA did not count on them being able to access a hidden mode or console developer. But you have to know how to create a system or do reverse engineering to know what safety leaks they have. An example is the databases (SQL), if you know how to create a database, for sure you can access other databases without the need of credentials, with only the browser and the dir bar....

 

[DarkKaine]

Nvidia.
It doesn't matter if something is fully documented or not, if your software is swiss cheese and there is enough determination people WILL find the flaw regardless.