
At that point, you could probably bring in Legal. Not only are these just poor coding practices, but some of these things are very serious security vulnerabilities. If you've got contracts with clients, or even if you're licensed straight to individuals, it's a good bet that you're breaching some data security/privacy rules. Legal would definitely want to know and take steps to correct.


This is terrible advice. Do not go to legal for this, ever. This is putting yourself and the company in a very bad position.

Fix the vulnerability if you can. Help junior developers understand common issues if you can. Then move on to the next job with better practices.


> but some of these things are very serious security vulnerabilities.

That's a very good reason to bring in your Security Officer or a similar compliance officer; it's probably not a good reason to go straight from dev to Legal.



