undefined | Better HN

0 pointssoraminazuki7mo ago0 comments

The world doesn't line up with lies and spins of the most transparently corrupt actors either.

Shopify stole RubyGems from the maintainers, do you deny it? They tried to do so in secret, keeping the maintainers and the larger Ruby community in the dark. Their claim that the access revocations were a mistake was a blatant lie. Moreover, they spun even more conspicuous falsehoods in response to the public backlash.

When you twist protective measures against ongoing theft or shitty proposals that went nowhere into a nefarious conspiracy to justify the theft of critical Ruby infrastructure, it’s time to take a hard look in the mirror.

And hey, since you imply that loaded questions aren't fallacious, tell me: have you stopped beating your wife? It's a "simple question," just answer yes or no.

0 comments

tptacek7mo ago

The premise of "have you stopped beating your wife" is that you made up the idea that I might have done it; simply asking the question is a form of slander. But that's not at all the case with Andre Arko and RubyGems. From everything we know: he really did (1) lose his personal access, (2) log in with a stale AWS root credential, and (3) change the password on the root account. We also know that (4) he attempted to quietly monetize the server logs from RubyGems.

These aren't insinuations; they're direct factual claims. They're well-founded and they're either true or they're not. No, you can't just jazz-hands your way through this.

soraminazukiOP7mo ago

I'll repeat:

What are you trying to achieve here, bringing up debunked insinuations over and over and over again? And haha no, going over every cherry-picked fact and half-truth you explicitly stated doesn’t prove you aren’t making insinuations.

> insinuate: to impart or suggest in an artful or indirect way

https://www.merriam-webster.com/dictionary/insinuated

Note the word "indirect."

tptacek7mo ago

Which of these insinuations have been "debunked"? Did they happen or not? If they happened, but you're OK with the reason they happened, they weren't "debunked"; they were, to you, "mitigated".

1 more reply

justinclift7mo ago

> We also know that (4) he attempted to quietly monetize the server logs from RubyGems.

What sort of monetisation?

Asking because there's a huge potential range of options there, from pretty innocuous stuff through to downright evil. :(

tptacek7mo ago

What kind of monetization would have been OK?

1 more reply

j / k navigate · click thread line to collapse

0 comments

tptacek7mo ago

These aren't insinuations; they're direct factual claims. They're well-founded and they're either true or they're not. No, you can't just jazz-hands your way through this.

soraminazukiOP7mo ago

I'll repeat:

> insinuate: to impart or suggest in an artful or indirect way

https://www.merriam-webster.com/dictionary/insinuated

Note the word "indirect."

tptacek7mo ago

Which of these insinuations have been "debunked"? Did they happen or not? If they happened, but you're OK with the reason they happened, they weren't "debunked"; they were, to you, "mitigated".

1 more reply

justinclift7mo ago

> We also know that (4) he attempted to quietly monetize the server logs from RubyGems.

What sort of monetisation?

Asking because there's a huge potential range of options there, from pretty innocuous stuff through to downright evil. :(

tptacek7mo ago

What kind of monetization would have been OK?

1 more reply

j / k navigate · click thread line to collapse