Stack traces are an security problem

Exceptions expose too much internal information about the system that is otherwise hidden, error messages with codes are the way to go.

because security by obscurity has such a good track record!

>>2
Is not poasting your SSN here security by obscurity?

>>3
no, but not poasting source code and/or symbols in hope of preventing people from learning why shitty buggy software is shitty and buggy is.

Any code is a security problem. The best way to remain completely secure is to never use a computer or phone. Problem solved! Wait, no.

We have to take acceptable risks every day.

Do you drive a car? You could get in a car accident. But the only way to never get in a car accident is to never be in a car. But that severely limits what you can do. It's just like people who use NoScript to disable javascript. Sure, you're more secure. You're also a luddite.

Absolute security is impossible. Reasonable security is what you should aim for. Reasonable security should not get rid of useful things. Stack traces are no exception to this, no pun intended.

>>5

It's just like people who use NoScript to disable javascript. Sure, you're more secure. You're also a luddite.

ah yes, because javascript web apps are an innovative technology and not using them is just like being an amish. if there's no IoT dildo stuck in your're are anus, your're are a luddite.

if stack traces are visible to the end user you are retarded