Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Lighten up. Nobody's going to federal court to stop the DOJ from investigating botnets, carding rings, and ransomware scams, which is what these things are usually about. Nobody's mental model of PyPI was that they had Signal's priorities.


Then all the less reason to roll out the “of utmost importance” boilerplate. So what’s your point?

Also I don’t see how being light-hearted has anything to do with this submission, Thomas.


Its just they have no choice. And when they do the choose their "utmost priority". Its not that complicated


Then they shouldn't say protecting their users are their top priority, because they have shown it is not. That's called lying. A correct statement would have been "we will comply with lawful LEO requests"


How have they shown it's not, exactly? Really curious what you think they could have done better aside from blatantly going against laws in their jurisdiction.


There's a difference between abiding by lawful court orders that have gone through judicial process and a friend in a police department calling in a favour.


Helping convict scammers, typo-squatters injecting malicious code, etc is protecting their users. Just not the (likely) bad actors that are the subject of the subpoenas.


The fact remains, that unless you are willing to break the law, obeying the law is your top priority.


This assumes that all of this is binary, when in reality it’s a complex system that takes time and effort to modify in a meaningful and responsible way.


If you're so inclined, you're welcome to make an anarcho-oriented package management system yourself. PyPi has never claimed to be one, though.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: