HackerTrans
TopNewTrendsCommentsPastAskShowJobs

gearnode

no profile record

Submissions

How to set up PostHog: GDPR, CCPA, and global privacy laws

probo.com
3 points·by gearnode·2 माह पहले·0 comments

What Is a Risk in Compliance?

probo.com
1 points·by gearnode·2 माह पहले·0 comments

Are you allowed to put that SoC 2 logo on your website?

getprobo.com
2 points·by gearnode·2 माह पहले·0 comments

Do you need a SoC 2 report?

getprobo.com
2 points·by gearnode·3 माह पहले·1 comments

Stripe Won't Save You from Bad Access Control

getprobo.com
1 points·by gearnode·3 माह पहले·0 comments

Potion: Turn your PR review history into Claude Code skills

github.com
3 points·by gearnode·4 माह पहले·0 comments

Google Workspace Default Settings Are Insecure

getprobo.com
1 points·by gearnode·4 माह पहले·0 comments

An Open Letter to Aicpa and ISO Accreditation Bodies

getprobo.com
3 points·by gearnode·4 माह पहले·2 comments

Color-Coded Windows for Git Worktrees on MacOS

github.com
5 points·by gearnode·4 माह पहले·0 comments

Lightpanda migrate DOM implementation to Zig

lightpanda.io
199 points·by gearnode·6 माह पहले·143 comments

Improper HMAC Signature Verification in auth0/node-jws

github.com
1 points·by gearnode·7 माह पहले·0 comments

Mcpgen is a code generator for MCP servers in Go

github.com
2 points·by gearnode·7 माह पहले·0 comments

The Silent Leak: How One Line of Go Drained Memory Across Goroutines

medium.com
3 points·by gearnode·7 माह पहले·0 comments

Building Effective Agents

simonwillison.net
1 points·by gearnode·8 माह पहले·0 comments

Show HN: Granola API Reverse Engineering

github.com
1 points·by gearnode·8 माह पहले·0 comments

comments

gearnode
·4 माह पहले·discuss
The division of labor between implementation, documentation, and sign-off isn't the bug. It's the design. Independence between those layers is how you get credible assurance (in theory).

The bug is when nobody actually verifies. The audit firm holds the mandate to look at the full picture. When they sign without doing that, independence becomes a gap. And right now, the bodies supervising those firms aren't enforcing anything when that happens.