HackerTrans
TopNewTrendsCommentsPastAskShowJobs

gearnode

no profile record

Submissions

How to set up PostHog: GDPR, CCPA, and global privacy laws

probo.com
3 points·by gearnode·2 months ago·0 comments

What Is a Risk in Compliance?

probo.com
1 points·by gearnode·2 months ago·0 comments

Are you allowed to put that SoC 2 logo on your website?

getprobo.com
2 points·by gearnode·2 months ago·0 comments

Do you need a SoC 2 report?

getprobo.com
2 points·by gearnode·3 months ago·1 comments

Stripe Won't Save You from Bad Access Control

getprobo.com
1 points·by gearnode·3 months ago·0 comments

Potion: Turn your PR review history into Claude Code skills

github.com
3 points·by gearnode·4 months ago·0 comments

Google Workspace Default Settings Are Insecure

getprobo.com
1 points·by gearnode·4 months ago·0 comments

An Open Letter to Aicpa and ISO Accreditation Bodies

getprobo.com
3 points·by gearnode·4 months ago·2 comments

Color-Coded Windows for Git Worktrees on MacOS

github.com
5 points·by gearnode·4 months ago·0 comments

Lightpanda migrate DOM implementation to Zig

lightpanda.io
199 points·by gearnode·6 months ago·143 comments

Improper HMAC Signature Verification in auth0/node-jws

github.com
1 points·by gearnode·7 months ago·0 comments

Mcpgen is a code generator for MCP servers in Go

github.com
2 points·by gearnode·7 months ago·0 comments

The Silent Leak: How One Line of Go Drained Memory Across Goroutines

medium.com
3 points·by gearnode·7 months ago·0 comments

Building Effective Agents

simonwillison.net
1 points·by gearnode·8 months ago·0 comments

Show HN: Granola API Reverse Engineering

github.com
1 points·by gearnode·8 months ago·0 comments

comments

gearnode
·4 months ago·discuss
The division of labor between implementation, documentation, and sign-off isn't the bug. It's the design. Independence between those layers is how you get credible assurance (in theory).

The bug is when nobody actually verifies. The audit firm holds the mandate to look at the full picture. When they sign without doing that, independence becomes a gap. And right now, the bodies supervising those firms aren't enforcing anything when that happens.