by kogir 4235 days ago
Make sure never to commit to a public git repo either.

(Edit)

In all seriousness though, we're really bummed this happened and wish it hadn't. We do code reviews and try our best to prevent this kind of thing from happening. That said, if you truly want your account here to be anonymous, you're right to remove all personally identifiable information. I'd also recommend using Tor (and using it correctly).

4 comments

How do you make an account through Tor without being insta-banned?
The ban only applies for the first 2 weeks, then is lifted.
> We do code reviews...

Out of curiosity, how many people are familiar with HN's codebase as I thought it was developed in PG's personal flavor of Lisp?

You could always ask users for their email address at sign-up, send them a random, single-use, account recovery code, and then never store their address.
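The sign-up flow suggested in the comment above, sketched as an added example that is not part of the thread and is not HN's code: the address is used once to deliver the code, and only a hash of the code is kept. `RecoveryStore`, `send_mail` and the sample user are hypothetical names constructed for the illustration.

```python
import hashlib
import hmac
import secrets


class RecoveryStore:
    """Hypothetical account store that keeps a hash of the recovery code only."""

    def __init__(self):
        self._code_hashes = {}  # username -> SHA-256 hex digest of the unused code

    @staticmethod
    def _digest(code):
        # The code carries 128 bits of CSPRNG output, so a single fast hash
        # is enough; password-style stretching is for low-entropy secrets.
        return hashlib.sha256(code.encode("utf-8")).hexdigest()

    def sign_up(self, username, email, send_mail):
        """Mail a fresh code to `email`; persist neither the address nor the code."""
        code = secrets.token_urlsafe(16)
        self._code_hashes[username] = self._digest(code)
        send_mail(email, f"Recovery code for {username}: {code}")

    def recover(self, username, presented_code):
        """Return True once for the correct code, False for anything else."""
        stored = self._code_hashes.get(username)
        if stored is None:
            return False
        if not hmac.compare_digest(self._digest(presented_code), stored):
            return False
        del self._code_hashes[username]  # single use: burn the code on success
        return True


def demo():
    """Run the flow with a constructed user and an in-memory stand-in for SMTP."""
    outbox = []
    store = RecoveryStore()
    store.sign_up("alice", "alice@example.invalid",
                  lambda to, body: outbox.append((to, body)))
    code = outbox[0][1].rsplit(" ", 1)[1]
    return {
        "address_stored": "alice@example.invalid" in repr(vars(store)),
        "code_stored": code in repr(vars(store)),
        "wrong_code": store.recover("alice", "not-the-code"),
        "first_use": store.recover("alice", code),
        "second_use": store.recover("alice", code),
    }


if __name__ == "__main__":
    print(demo())
```

Whatever implements `send_mail` (the mail relay and its logs) still handles the address, so the no-storage property holds only for the account database.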
I've made statements on HN I'd prefer are anonymous to the general public?

Also, there was no mention they were handing the info over to a 3rd party. If you explicitly state something like that, you should follow it and/or change it when the situation changes.

I don't have that issue with git repos.

I'm kinda amused a YC employee went through the effort of downvoting it after pointing out this situation is caused by y'all not following what you actually have in your notices for things.

> I'm kinda amused a YC employee went through the effort of downvoting it after pointing out this situation is caused by y'all not following what you actually have in your notices for things.

Seriously what is it with HN/Reddit where everyone assumes that any downvotes are from people with an agenda?

Because I know I'm right and all rational people agree with me. Anyone who disagrees is a bad person.
I'm not sure how to make it more clear than I did, but this data was not intentionally shared with a third party. Had we known it would happen, we'd obviously have prevented it.

The only data we knowingly send to Firebase is already public and visible to anyone that can speak HTTP.

Sorry if I'm still talking past you.

As far as I know, a person cannot downvote top level comments on their own threads (or a reply to their comment). Perhaps employees & mods have the power to do that. But I'm not sure how you can tell it was a YC employee that downvoted you.
It took me a while to figure out what exactly you were objecting to, but I guess you don't like the fact that HN sends its data to Firebase?

I don't think it's fair to criticize the admins for that. For pretty much any web application you want to use, "only visible to you and us" should automatically be understood to include "and our hosting provider too, if they go digging or screw up."

The situation is actually tighter than that. We don't give the "only visible to you and us" data to Firebase (or anyone else), precisely so it won't matter if somebody else goes digging or screws up. You're protected from all of that. What you're not protected from, unfortunately, is us screwing up. We'll try our best not to do that again.