by peteradio 903 days ago
He could sell rights to the repos and disavow any knowledge of their maintenance while maintaining the link in his own repos. When those sold rights are used to commit some crime, he has plausible deniability as anyone else but got a payday. If you try spinning off the subpackage just prior to a sale, then it shows some sort of intent.

Is there any evidence that he has ever done anything like this, or that he plans to? Or is this just pure speculation?
I didn't declare he's done this, only that it is a vulnerability of depending on those packages.