| 1. | | Mari0=Mario + Portal ..Open source game (stabyourself.net) |
| 406 points by rjim86 on March 5, 2012 | 56 comments |
|
| 2. | | Square Register (squareup.com) |
| 331 points by robbiet480 on March 5, 2012 | 121 comments |
|
| 3. | | Responsible Disclosure Policy (github.com/blog) |
| 317 points by mnilsson on March 5, 2012 | 78 comments |
|
| 4. | | Rich Hickey's new project: datomic.com (datomic.com) |
| 315 points by indy on March 5, 2012 | 105 comments |
|
| 5. | | How Homakov hacked GitHub & the line of code that could have prevented it (gist.github.com) |
| 316 points by petenixey on March 5, 2012 | 84 comments |
|
| 6. | | Sometimes the bug isn't in your code, it's in the CPU (dragonflybsd.org) |
| 303 points by there on March 5, 2012 | 97 comments |
|
| 7. | | A single tweet page is 2.0 MB (teczno.com) |
| 293 points by skimbrel on March 5, 2012 | 110 comments |
|
| 8. | | Induction: A Polyglot Database Client For Mac OS X (inductionapp.com) |
| 283 points by matttthompson on March 5, 2012 | 82 comments |
|
| 9. | | Docracy - Free (community curated) Legal Documents (docracy.com) |
| 228 points by carlsednaoui on March 5, 2012 | 53 comments |
|
| 10. | | Learning to Code: The Roadmap I Wish I Had Been Given (jimmy-li.net) |
| 208 points by jyli7 on March 5, 2012 | 74 comments |
|
| 11. | | What happens after you interview at Y Combinator — and get rejected. (katherinehague.com) |
| 188 points by katherinehague on March 5, 2012 | 45 comments |
|
| 12. | | Having fun with 404 (heyzap.com) |
| 186 points by foobar2k on March 5, 2012 | 32 comments |
|
| 13. | | What’s New In Python 3.3 (python.org) |
| 178 points by ch0wn on March 5, 2012 | 54 comments |
|
| 14. | | Show HN: I wrote a guidebook on everything I know about applying to Y Combinator (guidetoyc.com) |
| 177 points by jasonshen on March 5, 2012 | 53 comments |
|
| 15. | | Chute (YC W12) Launches A Twilio For Photos (techcrunch.com) |
| 169 points by ranvir on March 5, 2012 | 46 comments |
|
| 16. | | Rolling Up My Sleeves (cmdrtaco.net) |
| 159 points by th0ma5 on March 5, 2012 | 20 comments |
|
| 18. | | Seth Levine: Sick of start-up BS (cnn.com) |
| 135 points by cwan on March 5, 2012 | 39 comments |
|
| 19. | | Show HN: GPS + Calendar + Traffic = always on time (needtobounce.com) |
| 136 points by justinwi on March 5, 2012 | 33 comments |
|
| 20. | | Stephen Wolfram does an AMA (reddit.com) |
| 119 points by instakill on March 5, 2012 | 30 comments |
|
| 21. | | What Every Programmer Should Know About SEO (katemats.com) |
| 120 points by kateroth on March 5, 2012 | 31 comments |
|
| 22. | | People Aren't Smart Enough for Democracy to Flourish, Scientists Say (yahoo.com) |
| 116 points by pwg on March 5, 2012 | 157 comments |
|
| 23. | | ESPN Developer Center (espn.com) |
| 106 points by duck on March 5, 2012 | 76 comments |
|
| 24. | | MITx First Course "6.002x Circuits and Electronics" is Live (mitx.mit.edu) |
| 105 points by ernestipark on March 5, 2012 | 47 comments |
|
| 25. | | Going Simple with JavaScript (snook.ca) |
| 103 points by joshuacc on March 5, 2012 | 69 comments |
|
| 26. | | Codakido, Lua/SDL programming environment for Kids, with C64-alike editor (github.com/antirez) |
| 98 points by antirez on March 5, 2012 | 54 comments |
|
| 27. | | Two Sources of Stress that (probably) apply to you (dalethoughts.com) |
| 97 points by dmd149 on March 5, 2012 | 36 comments |
|
| 28. | | Github Is Classy (housepub.org) |
| 97 points by craigkerstiens on March 5, 2012 | 67 comments |
|
| 29. | | Ask HN: Finding work for a significant other |
| 95 points by iwritecode on March 5, 2012 | 20 comments |
|
| 30. | | This Morning I Didn't Go To Work (davejafari.com) |
| 94 points by netmau5 on March 5, 2012 | 32 comments |
|
Guy drops a zero day on a major service provider, guy gets his account suspended (temporarily, it turns out). In what possible world is disabling an account that has recently exploited your live product in a very visible way not ok? Remember, you don't have a chance to call a meeting with the C level guys and your community manager - you're one or two guys responding on a weekend.
The rest of the "oh my god the sky is falling" drivel about how terrible a bug it could have been and how they should never have had such a vulnerable bug in the first place is even worse. Security bugs are fuckups by nature - nobody sat and said well shit I was going to code this wrong but since it might allow a lot of access I won't. In terms of OH SHIT bugs this is actually rather small - I'm sure github's live infrastructure has been open to lower level remote execution vulnerabilities over the years - newsflash: we all have been. Getting user or superuser or db admin is going to almost certainly be a lot worse than an application authentication level vulnerability.
You say none of that matters because it's such an obvious bug and people have known not to do that kind of thing for years? Say hello to our old friends "buffer overflow" & "use after free" - still grabbing msft aapl & goog after all these years.
TL;DR - stop acting like children.