
This is a really odd description of zero trust.

For end users, zero trust looks like ‘not needing to check the VPN icon is green before you launch the payroll app’.

The concept of ‘being on the network’ goes away. Which is good, because that was a major source of confusion for end users.



I love how the industry takes a word like "devops" and redefines it until meaningless. I think that has happened to Zero Trust as well.


But... your description doesn’t match up with what I think the original definition of zero trust means?

You said it was about preventing unknown services turning up on a network, which almost feels like the opposite of zero trust to me.

Zero trust is about not caring if unknown services are on your network, because merely ‘being on the network’ doesn’t grant you access or trust.


To put it more succinctly, in the zero-trust mindset it isn't ever _your_ network.

It's a network you happen to be connected to. You only trust the network at the physical layer that it won't destroy your hardware. Beyond that you don't trust anything you receive over the network that you can't independently verify.



