Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
ascar
on July 5, 2018
|
parent
|
context
|
favorite
| on:
GitHub mirror compromise incident report
While I agree this is a good practice, it wouldn't have helped much. He had organization-level admin access and could've easily added a second dev account to accept them by himself.
jrochkind1
on July 5, 2018
[–]
This part of the discussion started thinking about an attacker with a goal of the malicious code being undetected.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
