Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>The money didn't go towards the author.

Perhaps many would have refused to donate if they knew that the project would be archived in a year. Collecting for audit and then archiving the project is, in a way, a violation of expectations.



Did they perform the audit? That is what is important.

The more and more you start modifying code after the audit, the more and more useless the audit becomes.


> That is what is important

Depends on your perspective... If I'd known the project was going to stop soon after I donated, I probably wouldn't donate, even if the purpose of the money was strictly for an audit.


Yes, they performed.


Did the author do the audit? Is the audit available? If so, then they did what people donated for. End of story.


Would they have refused to donate if they knew the author would be hit by a bus in a year? Or hired by someone who refused to allow them to continue working on it?

I don't think the author had explicit plans to do this a year ago.


What are expectations? Audit is invalidated by the first change after it, so archivation is basically necessary. VeraCrypt was audited too, lol.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: