What if they don't know they don't know how to make a captcha? It's an obfuscated image, those are easy to make and check! If you don't know basic things like "never trust the client", and you don't know that they exist to know, then you may not know to tell the client to have someone else do it.

That doesn't excuse the programmer. As a web programmer, it is, to some extent, their job to know when they're out of their league. But second-order knowledge can be a rare skill.

Yes, this exactly. Donald Rumsfeld got no end of flak for his comment (distilled here) "there are known knowns, known unknowns, and unknown unknowns", but it's actually a great statement - in this case, there are some people who know they know how to make captchas, some people who know they don't, and some people who don't know that they don't know.

