Hacker News new | past | comments | ask | show | jobs | submit login

Yes, experienced smart developers can make dumb mistakes, but this is pretty dumb. More importantly, it's the type of thing that should have been caught in a pull request or with a test, if not immediately after writing the code in question. Their process is severely lacking if a basic auth bug of this nature got through to production.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact