No idea what they're on about. All the rendering is done in the browser, not the server - all the server sees is some text strings that mean nothing to it just like any other comment.
There is another way of doing this where the server actively parses the comments looking for \$\LaTeX\$, compiles them itself and inserts the resultant image, which could be a security nightmare if done wrong. Which is why nobody does that now the browser based renders can do it.
Edit: If it's the comment I'm thinking of, about being an easy target, perhaps he's just referring to the fact that you installed something you didn't understand?