Hacker News new | past | comments | ask | show | jobs | submit login

Isn't a lot of it/all of it reviewable on their github? Does that not help you make a decision on their quality?

Dosent really help if I can just go into their system and introduce my own code into their SDKs or just sign my own release of a build. It just makes me question how secure their build process is? Without security people you cannot claim to be secure?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact