• AlecSadler@sh.itjust.works
    7 months ago

    My friend worked in fintech for a while and the stories he told me absolutely frightened me.

    For banks, if it isn’t broke, don’t fix it. If it is broke, run a cost-benefit analysis…does it cost us less in losses each year than it would to overhaul/fix? Then also don’t fix it.

    The code bases he had to deal with were absolute garbage, apparently, with hokey patch upon hokey patch.

    He discovered a password validation issue (for a bank I used to bank at…) but essentially you could have a close but not exact password entry and still be let in. It took them like 6 months to fix it because it wasn’t really being abused.

    Just absolute madness.