Posts
Comments
Ouch, I hope your intestine has recovered since your diagnosis.
To be clear, when I say sensitivity I mean "how reactive is your immune system to gluten" rather than "do you feel gastrointestinal symptoms when you eat gluten". The correlation between the severity of symtoms (both obvious and non-obvious symptoms) is weaker than you would expect but it seem to me there still is one.
In your comment you describe 3 scenarios:
(1) Risk of cross contamination (Chipotle)
(2) Known cross contamination (fryer and pizza prep)
(3) Accidental medium dose of gluten
You are happy to accept (1), but you say celiacs "should not take" (2). I agree the risk is higher in (2), but the heart of my conclusion is that for some people (like myself), the additional risk is negligible and the benefit is significant. With the caveat that I need to check reality on "the additional risk is negligible" by measuring my immune system response.
If my lifestyle includes (1), (2), and unavoidably (3), but if my blood tests show normal antibodies (plus possibly another intestine inflammation check to be doubly sure), I think that (2) is a risk that's ok for me to keep taking.
Of course, it can be true at the same time that (2) is not worth it for you.
On the last point, I agree that avoiding long-term inflammation is important. But I don't think it necessarily follows that infrequent (3) causes less inflammation than a lot of (2). Maybe a low dose slips under the radar and doesn't trigger a reaction. Maybe a moderate dose reaches a threshold and makes your immune system hit the button and keeps the antibodies pumping for a while.
I think your conclusion is reasonable that the investment of effort in security improvements is not justified by the risk of it being exploited, but I want to pull out a tiny part of your post and suggest refining:
"There is no point in pursuing a security mindset if you are virtually certain that the thing you would be investing resources into would not be your weakest attack point."
Different attackers will target different points depending on their capability and what they care about, and which attacker will go after you depends on their motivations. Your weakest point may be lower real risk than others simply because the type of attackers who would exploit that point don't care about you.
Organisations will regularly invest resources into what is not necessarily the weakest attack point but based on their assessment of the most cost effective way to reduce overall risk. This plays into defence in depth, where multiple layers of overall security features can provide better risk reduction, especially where the weakest attack points are expensive or impossible to address.
This may seem like a inconsequential point as it doesn't make any difference to your conclusions, but I do see people focussing on weak attack points without considering whether their money is being well spent.
To me, a better framing would be:
You shouldn't invest resources into measures where there are alternatives that are more effective at reducing risk.