> - We take vulns seriously—especially the serious ones! It was fixed immediately by a senior engineer upon report (within a day?)
What? From the many, many #meta posts and other sources I cannot back this up.
> - The author was ultimately banned from the community not for their opinions on this matter, but because of a long streak of unrelated conduct issues that culminated in a spree of saying horribly abusive things to multiple other members of the community.
OP did say some bad stuff, but it wasn't a spree and was an isolated incident. I don't agree with her actions, but I see where she was coming from: she didn't feel heard and just wanted to get back at people she saw as having wronged her. She definitely shouldn't have done what she did but it was an isolated incident or two.
> — They have been pursuing a grudge against the organization ever since. They are not a reliable narrator, this post is a fantasy version of events that casts them as a martyred hero.
You'll note that in the article that isn't what she portrays herself as and she explicitly bookends the article with paragraphs of text praising the mission and all of the good hackclub has done. Which is it, is she rightfully praising the organization but rightfully getting angry about it or is she wrongfully praising the organization and wrongfully getting angry?
> Nonetheless, privacy/security is something we think about and invest extensively in.
Based on HQ's HCB, #meta, posts in #hq, and more this is not true in the slightest.
> In the past year we have started an organization-wide bounty system, moved all PII storage into a central "identity vault" Bounties were addressed in the article and last thing I heard PII is still massively distributed. If that isn't the case anymore, please actually make a post about it so the community is aware?
> consulted extensively with a very fancy lawyer who specializes in corporate compliance with the growing raft of online privacy laws around the world
That's good but again, make an announcement in hackclub?
> The good news is, according to that lawyer we already do almost everything we need to be compliant; we just need to publish a privacy policy!
The fuck?? No?? if this has happened in the last year, how angry has your lawyer about the numerous vulnerabilities that were pushed, not notified, underpaid bounties, and more? Oh, and don't forget you TAKING DOWN THE GDPR EMAIL AND NOT DELETING DATA??
> We are actively iterating on a mostly-finished draft of this document with our counsel, but it is taking time because, well, this stuff is very complicated.
I can definitely understand that. I really love hackclub and think the mission is amazing but at the moment I don't feel safe with my data in its hands.
> OP did say some bad stuff, but it wasn't a spree and was an isolated incident. I don't agree with her actions, but I see where she was coming from: she didn't feel heard and just wanted to get back at people she saw as having wronged her. She definitely shouldn't have done what she did but it was an isolated incident or two.
If I remember correctly, she admitted that her ban was justified. But also, she didn't just do "some bad stuff", she did a lot of it - there's even a recent #meta thread referencing this exact post.
> You'll note that in the article that isn't what she portrays herself as and she explicitly bookends the article with paragraphs of text praising the mission and all of the good hackclub has done. Which is it, is she rightfully praising the organization but rightfully getting angry about it or is she wrongfully praising the organization and wrongfully getting angry?
Nuance does exist.
> That's good but again, make an announcement in hackclub?
Zach did.
> The fuck?? No?? if this has happened in the last year, how angry has your lawyer about the numerous vulnerabilities that were pushed, not notified, underpaid bounties, and more? Oh, and don't forget you TAKING DOWN THE GDPR EMAIL AND NOT DELETING DATA??
I'm more inclined to trust Chris than an anon account that straight up denies that internal conversations happened. You also seem to be regurgitating posts from earlier without seeing Chris's context.
I think I've read through the #meta post you're referencing and commented in it and yeah, but it still wasn't a spree. It was not a lot of it? cite your sources as well
> > That's good but again, make an announcement in hackclub? > Zach did.
Where?
> I'm more inclined to trust Chris than an anon account that straight up denies that internal conversations happened. You also seem to be regurgitating posts from earlier without seeing Chris's context.
Well yeah, I'm on a throw away as I don't want to be deanon'd. If you really want to talk contact https://hackclub.slack.com/team/U09Q734PGUU, it's an alt I have. Where did I deny internal conversations as well? And wdym regurgitating posts without Chris' context? I literally broke his reply down point-by-point?