Y
Hacker News
new
|
ask
|
show
|
jobs
by
ache7
1412 days ago
Here is a commit with malicious code from a Microsoft employee:
https://github.com/promonlogicalis/asn1/commit/7bdca06d0edf8...
3 comments
raggi
1412 days ago
That commit was rewritten from
https://github.com/Logicalis/asn1/commit/d60463189a563e49f19...
which was signed, but is not in the fork.
link
ache7
1412 days ago
Damn, github should show some big visible warning about this.
link
3np
1412 days ago
As long as the commit is not signed (marked green), that means nothing.
link
vladvasiliu
1412 days ago
This is interesting. If you go to that user's profile, and look at the "contributions", there are none in July / August. Yet the commit is from two days ago.
link