weaksauce 2 hours ago

security researchers not the ones shipping the faulty code.

teeray 2 hours ago | parent [-]

We’re not talking about security researchers here:

> there is lots to gain from being the first to write about the new malware on some registry, so *companies* are actively downloading and inspecting literally every package.

(Emphasis mine)

weaksauce 8 minutes ago | parent | next [-]

yeah security researchers at security companies are the ones we are talking about.

john_strinlai an hour ago | parent | prev [-]

>We’re not talking about security researchers here:

we are.

"companies" in this context is "security companies" (hence why they are "downloading and inspecting every package", which would not make sense if referring to the people authoring and shipping a single package)