Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They had a minor security incident right off the bat, demonstrating they don’t even fully understand what they stole. They aren’t equipped to do the job.


Only “minor” because they were in fact wrong about André being a risk. Had he been a real risk, this would have been about as major as it gets. They left him with root production AWS console and full production database access.

Fortunately he’s a standup guy and not a real security risk, so he emailed them immediately to let them know.


I missed that. What happened?


https://joel.drapper.me/p/ruby-central-security-measures/


Completely missed that. This is just the cherry on top if this shit cake.

André is a better man than I. I wouldn't be able to resist making threats about turning off prod.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: