Hacker News new | past | comments | ask | show | jobs | submit login

This is the proper decision here, but not merely for the reason they've given.

The best reason the list should be widely available: The exploit has already happened in this case, and disclosing it doesn't help attackers do further harm; the harm is already done. Removing the list is closing the barn door after the horses are gone.

It's worse than that, more like blocking the fire lane before the ladder truck can begin evacuating people.

Lets be honest about it; the real reason it was pulled down could've very well been to limit culpability in dissemination.

Unlikely. At least in Gitlab's case. Why would they have reinstated it?

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact