Hacker News new | past | comments | ask | show | jobs | submit login

Classless. Come on Khang - everyone here wants to root for their fellow entrepreneurs, creators, and (self-proclaimed) "nerds".

RKearny pointed out a very real, very important issue that will help you make your service better, and help you deliver even more value for your users. And he did it for free! You should be thanking him and asking him for more feedback, not deflecting responsibility like this.




ryan's info is public. he put it on our feedback forum. i wanted to make sure everyone was aware of his public info since we (as well as others) were very concerned with his course of action and questionable statement "Still managed to get a few dozen AWS keys though."

i'm not sure why thanking him is in order... ?

5 people emailed me privately about the security issue. we fixed it promptly, and followed up with instructions to everyone exposed (~20) on how to protect their credentials. i haven't yet heard a complaint from our actual users.


Great example of why building an app != a startup. You should email all users, and post a public apology on your site or blog.


you and i know that saying "~20" is a random number since you had nothing in place to track it. i'd love to hear how you know it's 20. seriously. tell us.


Could be http server access logs but if I made glaring mistakes like that I surely would not trust my own server logs anymore.


Stop digging yourself into to a hole and just apologise to Ryan and your users like you should have done to begin with.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: