Hacker News new | ask | show | jobs
by sixie6e 37 days ago
Is going to Codeberg or sourcehut(or Forgejo, etc) not like switching from Pepsi to Coke(or Mr. Pibb, etc)? When people start flooding to those alternate hosting platforms, threat actors are going to start heading that way as well. Shark bites happen near the shore, because that is where the people are.

Also, I think the conditioning of people in society is underestimated. If a corporation tells its consumers that it remedied the situation, most will opt for familiarity, correct?
1 comments
fiedzia 37 days ago
> threat actors are going to start heading that way as well

bad actors are not the problem, Github priorities and attitude are, so switching solves that. Will other providers have outages? Sure, sometimes. But you'll be able to find one that manages that better.

link
sixie6e 37 days ago
Will you, though? Compared to PyPi/VSCode, etc GitHub made platform-wide, security changes. Blue Team gets blamed often but you can't dodge an object you don't know is headed your way. The best you can do is mitigate it, and prevent further loss. If an organization exfiltrates data, you can't go back in time and get it back. Also, AI gets tossed around as excuse for things, but it really is finding some obscure vulnerabilities humans wouldn't have. https://fortune.com/2026/04/14/anthropic-mythos-reveals-secu...
link
fiedzia 36 days ago
Github ignored platform issues (not just performance) because it was busy migrating to Azure, and it wants to bear the cost of ai using its infrastructure now to benefit from that somehow later. Other providers do not have this problem and live mostly from paying customers whose priority is to have stable platform. So yes, it is easy to find someone else whose priorities align with mine and doesn't have GH issues.

> AI gets tossed around as excuse for things, but it really is finding some obscure vulnerabilities humans wouldn't have.

Which is fine, as long those using it do not do so at expense of others. As a paying Github customer, I do not wish to pay for a service that doesn't work because someone else is throwing agents at it. This is largely GH issue, not general problem.

link
sixie6e 36 days ago
Other people may not be throwing AI agents at those other platforms yet. I doubt it but even if those platforms weren't currently being targeted, they will be.
link
fiedzia 36 days ago
I assume other platforms will prioritize paying customers over agents (of not paying ones) because they do not have resources to attempt anything else.
link