• 🇰 🌀 🇱 🇦 🇳 🇦 🇰 ℹ️@yiffit.net
    link
    fedilink
    English
    arrow-up
    96
    arrow-down
    2
    ·
    edit-2
    1 year ago

    The U.S. Web Design System (USWDS) provides a comprehensive set of standards which guide those who build the U.S. government’s many websites.

    Now I know what to blame for every single US government website being so poorly put together they they barely function, if they function at all.

          • Chronographs@lemmy.zip
            link
            fedilink
            English
            arrow-up
            48
            ·
            1 year ago

            Security through obscurity doesn’t, work the vulnerabilities are still there. Also if the vulnerabilities are visible they’re also easier to close.

          • NAK@lemmy.world
            link
            fedilink
            English
            arrow-up
            31
            arrow-down
            1
            ·
            1 year ago

            Tell me you have never worked in IT security without telling me you never worked in IT security.

            To give you an actual answer, instead of pure Internet snark, the concept you’re proposing is called “security through obscurity” if you want to research it.

            The TL:DR of it is it doesn’t work. If it did, all software would be proprietary and things like viruses wouldn’t exist. The source code for Windows isn’t available, but Windows gets exploited constantly.

          • tabular@lemmy.world
            link
            fedilink
            English
            arrow-up
            21
            ·
            1 year ago

            More eyeballs are from people wanting those flaws fixed that wanting to exploit them.

            Proprietary source code has much fewer eyeballs, none of which you can verify belong to competent or trustworthy people.

          • Revan343@lemmy.ca
            link
            fedilink
            English
            arrow-up
            20
            arrow-down
            1
            ·
            1 year ago

            If it’s open source, anyone can poke around in the code and find vulnerabilities to exploit way easier patch

            FTFY. Open source software is more secure than closed source, not less

            • lud@lemm.ee
              link
              fedilink
              English
              arrow-up
              11
              arrow-down
              2
              ·
              1 year ago

              No, you can’t really make blanket statements like that at all.

              Open source doesn’t compromise security on its own and closed source is the same.

              Open source might be more secure but that’s only if people actually audit it properly and some closed source codes are audited more closely than some open source code.

          • Free Palestine 🇵🇸@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            12
            arrow-down
            1
            ·
            1 year ago

            Is this a serious question?

            This is the exact same ridiculous argument that proprietary software corporations make. It never made any sense, security through obscurity will never work. Linux is open-source used on ~80% of all web servers, in your logic these servers would all be vulnerable. It just doesn’t make any sense. Linux is also used in many embedded devices and Android is based on the Linux kernel. But Android (which is also entirely open source) has one of the best security models out there.

          • cm0002@lemmy.world
            link
            fedilink
            English
            arrow-up
            8
            ·
            1 year ago

            That’s the same bullshit line politicians and corporations use, it’s simply not true

          • sudneo@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            ·
            1 year ago

            Vulnerabilities can and are usually found without code inspection. Fuzzing, reverse engineering, etc. At the same time, it is easier to find vulnerabilities having the code to check, but it is easier also for those who want to have them patched. That’s why we have tons of CVEs in Windows, iOS etc., and they don’t all come from the vendor… Depending on the ratio of eyeballs looking at something to fix and the ones looking at something to exploit, open source can be more secure compared to closed source.

      • acockworkorange@mander.xyz
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        And 100% of it is dog shit. I have seen custom products from Accenture, Deloitte, and E&Y, and they were passable prototypes at best.

        • theneverfox@pawb.social
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Accenture doesn’t make shit. They bring in expensive ass consultants with 25 years of experience (on paper), then they sell something basically off the shelf. What’s left of the budget goes to a subcontractor, who now has to glue the already purchased pieces together with spit and gum, now on a very tight timeline before the funding runs out and your tiny company gets the blame

          Haven’t worked directly with the others, but the Accenture story was the same everywhere

    • Blue and Orange@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      That’s the opposite of most UK government websites. I’ve always found them very well designed and easy to use. I think they’re well regarded by web designers

    • sue_me_please@awful.systems
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      USWDS is new and is a response to exactly that problem. You’d be blaming people who have nothing to do with the status quo who were hired to fix the problems you’ve experienced.

    • littlewonder@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Not to derail a good point but there are at least a few government entities with brain cells. Check out digital.gov and cloud.gov, the latter of which has created a responsive, accessible platform for government websites.

    • shalafi@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      8
      ·
      edit-2
      1 year ago

      every single US government website being so poorly put together

      So, just like the rest of the internet? A technology, that popularly speaking, has only been around for 30-years?

      And you expect an entity, as huge and diverse as the US government, on federal/state/local levels, to be on the same page?

      I can safely make 2 predictions about you:

      • You’re young, and that’s A-OK. My kids are GenZ, maybe Alpha? They’re my last, best hope for this world. But you haven’t had the benefit of watching all this evolve. I was writing BASIC on a VIC-20 as a child. 3K RAM!
      • You’re not in tech. So again, you haven’t had the benefit of trying to make all this shit work. GenXers physically and programmatically built the world you live in, on top of the work of the Boomers. I’ve hung cable drops and coded, all messy.

      This clusterfuck is both expected and natural. Or did your science teacher tell you evolution was orderly? Or perhaps intelligently designed?

      And anyone else wanting to complain, I’ll remind you, this is how the government vs. the free market works.

      Government works by rules that are not broken or bent. And this pisses some people off. Private enterprise works by what works and what doesn’t. It’s fast and fluid, and not designed to take “the people” in mind. And this pisses some people off.

      Some tasks are appropriate for the government, some for the public sector. We’re still working this shit out. (website_under_construction.gif)

      • 🇰 🌀 🇱 🇦 🇳 🇦 🇰 ℹ️@yiffit.net
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        edit-2
        1 year ago

        I can safely make 2 predictions about you:

        You might wanna check the reception on your crystal ball, Nostradamus, cuz you’re wrong on all counts. I’m 38 and have worked in general IT as well as network engineering.

      • tiredofsametab@kbin.social
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        1 year ago

        What a weirdly arrogant, condescending response. I also started on basic on a vic20, had a dad who worked in IT for the government, and have done all of that except the physical wiring on any noteworthy scale. This is utterly unhelpful.

      • jeremyparker@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        This thread is filled with people who don’t make a connection between shitty government websites and the roads that are filled with pot holes, several train derailments every day, a tax collection agency that doesn’t have enough staff to do audits on wealthy people, and schools that ban books that have rainbows in them but teach books by Prager U.

        We could have better government websites - but not if we elect “starve the beast” politicians.