|
|
|
|
|
|
by dmix
250 days ago
|
|
|
That was intentional according the Joel Drapper who leaked this incident, he wanted to make Ruby Central look bad https://www.reddit.com/r/ruby/comments/1o2bxol/comment/ninly... >> Why did Joel give so little time of advance notice before publishing his post revealing Andre’s production access? That struck me as irresponsible disclosure, but I may have missed something. > I decided to publish when I did because I knew that Ruby Central had been informed and I wanted the world to be informed about how sloppy Ruby Central were with security, despite their security posturing as an excuse to take over open source projects. > What I revealed changed nothing about Ruby Central’s security, since André had access whether I revealed that he did or not. When you have security information that impacts lots of people, you publish it so they can take precautions. That is responsible disclosure. |
|
|