Hacker News new | past | comments | ask | show | jobs | submit login

As an example, it seems plausible to me that a person who wants to enter the cryptocurrency sector could send a pull request and actually work with them to get merged to put it in their resume.

This person can be totally oblivious to the illegal stuff that's happening behind the scenes. After all they were just trying to prove that they actually have experience with cryptocurrency code to potential future employers.

It also can be some random security researcher who is preventing open source developers from shipping vulnerable code. I know for a fact that Github themselves employ such people that send security-related patches from time to time to open-source projects.

You can work up more examples -- my point is that people who definitely have nothing to do with any illegal activity whatsoever could exist in the list of contributors of these repositories.

It's nice that they didn't just nuke the whole contributors list, but it's still a bit unsettling.

> it's your responsibility to know and check who you are dealing with.

What can I say, duly noted.




The unfortunate reality is that there are no guarantees. I once inadvertently helped someone commit suicide. I had no idea until after he did the deed and there's no realistic way I could have known beforehand.

Sometimes you just have to assume that everyone's operating in good faith.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: