24 mins

No one tells developers and project managers to throw things away. We assume that because it's cheap to keep it around, the emotional comfort is worth the tradeoff. But we're not thinking about how vulnerable we make ourselves by not having an automated and tested way of getting rid of things that we don't need anymore.

I want to problematize keeping deprecated codebases around and emphasize that mindless retention of data and code just increases our threat surfaces for attack and data corruption. Attackers in the future may be motivated by both ideology and money, and we are responsible for that.