Hacker News new | past | comments | ask | show | jobs | submit login

The e-mail heavily implies that the security breach was CouchDB's fault instead of those who were administering that Couch server.

Deliberate passing the buck or accidental bad choice of words?




I think more of a serious gut check for anyone who's deliberately exposing a CouchDB server to the web because it contains all or mostly public data.


My bad, just realized you aren't e-mail writer or npm admin. Thrown off by gist author.

Deliberately exposing anything to the web should come with lots of... wait for it... deliberation. The npm guy is a core community member; this incident shows a lot of sloppiness and doesn't inspire faith.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: