undefined | Better HN

0 pointslazyier3y ago0 comments

It's normal in any open source project to keep security mailing lists and things of that nature private. And for good reasons.

One of the reasons is they are dealing with security related bug reports. Public disclosure before having a fix in place puts users at risk.

Besides that 'security' is a process that all groups are responsible for. So it can't help being _developed_ in the open if the project is open. Which Brave is.

0 comments

feanaro3y ago

I agree with the above. I guess I interpreted the comment as saying some code parts of Brave are not open for security reasons. I don't actually know whether this is true or not.

j / k navigate · click thread line to collapse

0 comments

feanaro3y ago

I agree with the above. I guess I interpreted the comment as saying some code parts of Brave are not open for security reasons. I don't actually know whether this is true or not.

j / k navigate · click thread line to collapse