Hacker News new | ask | show | jobs
by pixl97 811 days ago
> Is there a photo of the person?

Does that even matter these days?

Especially if we're talking nation state level stuff convincing histories are not hard to create to deflect casual observers.

>Be more paranoid.

Most people in OSS just want to write some code to do something, not defend the world against evil.
1 comments
2devnull 811 days ago
“Does it even matter?”

Yes, it would have prevented this attack. It isn’t totally sufficient but it’s quick and easy and would have prevented this attack.

“Most people don’t want …”

I get it. I think the issue is that pushing junk code from malicious contributors into your project causes more hassle in the long run. If you just want to code and make stuff work, you should probably be careful who you pull from. It’s not just for the benefit of others, it’s first and foremost to protect the code base and the time and sanity of other contributors.

link
pixl97 811 days ago
"Sorry, we had to kill open source software because bad people exist" -Microsoft laughing all the way to the bank.

The more paranoid walls you put up the more actual contributors getting into the movement say "eh, screw this, who wants to code anyway".

This isn't just a problems with OSS, this is a fundamental issue the internet as a whole is experiencing and no one has good answers that don't have terrible trade offs of their own.

link