It's probably a mixture of these things:

1) The people who built the site initially are gone. Even the people who hired them to do it are likely gone now.

2) The person paid to "maintain" the site is just a technology "manager" who doesn't really know all that much about how it works.

3) There is nobody at the company who can tell if the "audits" they are paying for are snake-oil or not, but they're expensive so they must be good.

4) Even if the threat is real, they don't even know where to start in assessing it so they just fall back on their expensive "audit".

This leaves them unable to tell well-intentioned do-gooders from Nigerian princes, so their initial response of just blocking them might not be that far-fetched. It does start to look increasingly bad when it becomes clear that there is a real problem at hand. The quality of management can be measured by how quickly they identify the blind spot.

This is the most plausible explanation, in my view. I've seen companies where the software was considered "done" and they literally had no software engineers around anymore who could even modify it, let alone the original people who built it. Just a bunch of managers and salespeople milking it. If anything were to go wrong they'd have to bring in an expensive contractor or just shut down that part of the business (if the numbers made sense to do so).

5) That Twitter account he's arguing with is run by a social media agency that doesn't have any actual connection to the people running Kids Pass, let alone direct contact with the developers.

You forgot another possibility, which is that the organization might have a bad office culture and the person is just instinctively protecting their turf.

