They're definitely a real person. I know cause that "1Password employee since De... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		lelandbatey on March 29, 2024 \| parent \| context \| favorite \| on: Backdoor in upstream xz/liblzma leading to SSH ser... They're definitely a real person. I know cause that "1Password employee since December" is a person I know IRL and worked with for years at their prior employer. They're not a no-name person or a fake identity just FYI. Please don't be witch hunting; this genuinely looks like an unfortunate case where Jared was merely proactively doing their job by trying to get an externally maintained golang bindings of XZ to the latest version of XZ. Jared's pretty fantastic to work with and is definitely the type of person to be filing PRs on external tools to get them to update dependencies. I think the timing is comically bad, but I can vouch for Jared. https://github.com/jamespfennell/xz/pull/2

greatjack613 on March 29, 2024 [2 more]

[flagged]

lelandbatey on March 29, 2024 | [–]

Here's a PR on an employer-owned public Github repository where I made a change and Jared approved it. Please, let's not witch hunt.

https://github.com/getoutreach/stencil-golang/pull/404

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact