I mean, "worked at Facebook for a while" isn't a guarantee of competence. And some security boilerplate text isn't a guarantee of being good at security.
You want guarantees in software resources? Have you heard about the famous interview torture for jobs?
Your OP wanted to paint a picture of inexperienced development team. Both items in my post show that both the team (who initially had it right) and the CTO (who inexplicably removed the two lines) are definitely experienced.
That Parse Server looks like a substantial piece of code and there is a community around it, so let's be fair and grant the CTO a measure of competence, shall we?
I mean, given a choice between "an incompetent programmer with seven years work experience exists", and "Gab as a whole is some sort of weird honeypot", Occam's razor probably suggests the incompetent programmer.
23 years of experience + existing codebase demonstrating care for matters such as filtering input == experienced. Certainly not clueless.
I said absolutely nothing about a honeypot. Review my posts. Occam's razor strongly suggests not making unnecessary assumptions. My post challenges your assertion of incompetence. You need to remove that assumption from your analysis.
The thread was about the claim that it _must_ be a honeypot because it's so incompetent. What's your theory for how this happened, if neither incompetence nor deliberate?
> What's your theory for how this happened, if neither incompetence nor deliberate?
Honestly no theories, just rubbernecking here :) but since you ask, here is what my shaving session with Occam brings up:
- cognitive impairment (alcohol, various fun chemicals)
- emotional agitation (relationship, personal matter, etc)
- rushed for time (silly mistake)
- arrogance ("I can do C++, Scala, JS, and PHP. This Ruby stuff will be cake, and I do not need to ask my team why they had those 'funny' filters on top of the function")
- malicious coding ("Sure, I'll help you scale it. I hate SV too. I hate it so much I spent 7 years at FB.")
So re. that last possibility, I also do not agree with your GP that this indicates that that platform was a honeypot. This specific event can be construed as placing a backdoor in their code.
True. I worked at a company that once hired this former Yahoo engineer when they were hot and he sang the Smurf song often and wrote shit code. All the engineers were happy he was the only dev in his section because he also smelled.
Even with all that, I would still expect him to not make any commit similar to this CTO.