Hacker News new | past | comments | ask | show | jobs | submit login

Are you going to cry because a company wants your data to be a bit more safe?



Then you won't objective to 3fa or 20fa. More steps is safer right?

If your account is unimportant to you github shouldn't force you to add layers of security when they literally throw you under the bus in the TOS telling you it is your responsibility.. good let me decide my level of risk.


If a lot of people trust code that comes from your account, then it can and will be weaponized for a supply chain attack.

If you do not have the good sense to lock up such a weapon, then please delete your account.


Keyword: if. What little i do distribute to a few end users come from local builds through a completely separate system. The security level applied reflects this more than well.

To my (well-founded) knowledge nobody distributes my code; and if they did they'd have full responsibility. That's what "THE SOFTWARE IS PROVIDED 'AS IS'" means. You don't have to like it and you don't have to use it.

There really is no middle ground unless you develop a relation. Who says i can be trusted? Not me!


Not the case here.. and not the case for 99.99% of repos on github.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: