Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Don't blame the manager, the PO, the CEO. This is ABSURD engineering incompetence. The fellow that did that _fix_ probably had no idea how to properly solve the issue.


If it is then it's management's responsibility for allowing that incompetence to exist. These sort of issues all come from the culture which is driven from the top.


So having an absurdly incompetent engineer implementing this fix isn't a management problem?


Managers, POs, and CEOs are responsible for preventing this by:

- hiring people who'd know not to do it

- creating processes for more than one security expert to review security patches

- requiring the testing of patches against real-world workarounds

- allotting the time and budget necessary for all of the above




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: