Hacker News new | ask | show | jobs
by chrisseaton 1458 days ago
> They literally have no legal requirement to even tell you as much as they did.

Is ‘fulfilling legal requirements’ all you look for in a business relationship?

A restaurant has no legal requirement to make this food tasty but it’s what I’m looking for when choosing where to go.
3 comments
PradeetPatel 1458 days ago
As someone who works in the reputation management sector, fulling legal requirements is crucial in establishing a presence in key markets. However, oversharing of internal information that's not required by legal requirements can lead to unnecessary reputation damage, which would lead to a decrease in value for key stakeholders.

I think many engineers often overlook the business implication of disclosing security issues, as it would impact multiple business units as well as the board's stance on security, resource allocation, and potentially the stock price too.

>A restaurant has no legal requirement to make this food tasty Food is a core deliverable for a restaurant, whereas information on a potential breach is not for a SaaS service unless it is legally required.

link
dannyw 1458 days ago
Some people are in tech because they want to build technology ethically and responsibly, not to maximise the stock price at all costs.

GH has no evidence this was not exploited. They just didn't log enough things to know if it was exploited or not.

link
pastacacioepepe 1458 days ago
> which would lead to a decrease in value for key stakeholders.

I couldn't care less. I want value as a customer. Any company that prioritizes stockholders to customers doesn't deserve my customer money.

link
akagusu 1458 days ago
Since almost every popular tech company is a quasi monopoly, they use this "fulfilling legal requirements" strategy to abuse the market providing overpriced services with bad quality.

Unfortunately, people got used to this practice and gladly accept when such companies fulfill all their legal obligations, even when this hurt them or their business.

link
gtirloni 1458 days ago
How much is GitHub overpricing their bad quality services?
link
adamcstephens 1458 days ago
With some price transparency into what companies actually pay for services such as GitHub, maybe we can find out.
link
Doxin 1458 days ago
> A restaurant has no legal requirement to make this food tasty

Somewhat tangential but I'm not even sure that's entirely true. It gets all sorts of tricky due to the subjectivity, but surely fit-for-purpose laws apply here? I'd be really surprised if a five star restaurant selling $500 tasteless gruel with chunks wouldn't manage to get into trouble if they refused refunds.

link
zx8080 1458 days ago
Dishes similar to described ones could be served in the top "Scandinavian food movement" restaurants [1].

[1] - https://www.nbcnews.com/news/world/ants-cod-liver-moss-denma...

link