really wish that I had a more accessible way to explain "something that is right 90% of the time is vastly more dangerous than something that is wrong 90% of the time" to people.
'cuz to me this is incredibly obvious, and also I do understand why people without threat modeling experience would believe the opposite, but bridging that gap is a real bastard.
@munin presumably because in the former case you’re less likely to catch it when it fails? i don’t threat model per se, as in, it’s not something i learnt or do professionally but that’s my understanding/guess