‘”Security-By-Design”
needs to be required by federal law.
The Free Republic website allows for posting text, showing pictures and movies, and collecting money.
Many of us are here because the site is rather free of annoyances (excluding fighting the Ukrainian-Russian war in the USA as well).
Eh, I disagree. We don't need government authoritarians deciding what we get to see, or how "secure by their definition" it is.
OTOH, a web service that could evaluate a given website from the outside and make an assessment of its security is useful, if its use is strictly voluntarily. There are a number of such services that evaluate websites based on known vulnerabilities; this is not an original suggestion.
> The Free Republic website allows for posting text, showing pictures and movies, and collecting money. Many of us are here because the site is rather free of annoyances (excluding fighting the Ukrainian-Russian war in the USA as well).
FreeRepublic.com is a shining good example of "Security-By-Simplicity", which is a form of "Security-By-Design". It has a relatively tiny "attack surface", and very few (maybe no) ways it could be hacked at the GUI.
In over 25 years of operation, while it has withstood many DDoS attacks, and undoubtedly has been a constant target of Leftist hackers, I'm unaware of any time it has been compromised due to a security flaw.
Pinging John Robinson in case he has a comment, or wants to take a bow for the excellent site he made. :-)