You are viewing a single comment's thread from:
RE: Steemit.com is experiencing a DDoS attack.
Tossing around PCI and HIPAA (not HIPPA lol) without understanding the specific security requirements of steemit.com in this instance just tells me “I don’t know what I’m talking about”.
That’s not elitist, it’s just you not understanding the specific risks to this site.
I’m happy to take some time at steemfest to explain in depth to you why what you’re proposing is a bad idea.
Worst case? The company and the site will not be taken seriously by professional investors and brands who might otherwise integrate and risk their brand reputation by being associated with this project.
I think that’s vastly overblown, and I think you’re making it up to win an argument. Any downtime, splash page or no, harms the brand. I asked for the delta.
Sorry for misspelling HIPAA, thanks for pointing that out. I have some slight dyslexia, so it's unfortunately common for me to mix letters up like that.
I think the community would benefit from understanding more about the specific security concerns of this website. If I, a ten year veteran of my own software as a service company which deals directly with security, am ignorant of it then most others are as well. If our frustration is based on ignorance, please help remove that frustration through education. I'd really appreciate reading a post by you or the steemitdev account so I can better understand what makes Steemit so different.
Is this something you or your team will put together? Communication is key, and I keep hearing from the community how people want more of it.
I don't understand what you mean about a delta. You asked for the worst case scenario. I tried to come up with one like you asked. Then in a separate paragraph mentioned a delta. What do you mean by delta? Do you mean what's the difference in harm between going down without a status page, site down page, or clear communication about the outage, what caused it, and how it was resolved compared to having none of that like we do now? IMO, it's quite large. People are left with the impression this site is not professional and not ready for mainstream adoption or integration.
It seems the site is down right now again. I'm glad to see a Tweet about it, but without a status page or a static site down page, how is anyone supposed to know your team is working on this and taking steps to ensure it won't happen again?