Hacker News new | past | comments | ask | show | jobs | submit login

> That said security-minded people are often inconsiderate and horribly untactful in their approach. That needs to change. You don't need to be overly negative to point out a security issue. Something like, "Cool start, but might want to point out that it's not meant for production!" would be a lot better IMHO.

That's a wonderful idea! I'm absolutely certain that people will invariably respond quickly and reasonably to kind, compassionate, considerately made points. Especially ones that are very cautious to cough anything that might be taken as negative as a potential or a possibility.

For my own part, I've found this practice to be both exhausting to implement and highly unreliable in deployment. I'm absolutely certain that these just reflect my own failures. I'm similarly sure that you've seen infinitely better results!

After all, everyone knows that casually documenting something to the tune of "This code might not be as safe for production as it could be" will yield a reasonable level of caution in all developers.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact