undefined | Better HN

0 pointsSIRHAMY8y ago0 comments

At that point, you could probably bring in Legal. Not only are these just poor coding practices, but some of these things are very serious security vulnerabilities. If you've got contracts with clients, or even if you're licensed straight to individuals, it's a good bet that you're breaching some data security/privacy rules. Legal would definitely want to know and take steps to correct.

0 comments

user59944618y ago

This is terrible advice. Do not go to legal for this, ever. This is putting yourself and the company in a very bad position.

Fix the vulnerability if you can. Help junior developers understand common issues if you can. Then move on to the next job with better practices.

dragonwriter8y ago

> but some of these things are very serious security vulnerabilities.

That's a very good reason to bring in your Security Officer or a similar compliance officer; its probably not a good reason to go straight from dev to Legal.

j / k navigate · click thread line to collapse