 |
Post AugkTAn7xhf16HTWHw by [email protected] |
 |
More posts by [email protected] |
|
Post #Auggq0nornQUxqQxEW by [email protected] |
|
0 likes, 1 repeats |
|
|
|
How to handle a responsible disclosure you get from me?Let’s assume you run a… |
|
|
|
Post #AuggrH7Lh3OVr0AeVE by [email protected] |
|
0 likes, 1 repeats |
|
|
|
Let's start with what's bad about me reporting such a thing:Most import… |
|
|
|
Post #Auggtr07Fcg5iu18RU by [email protected] |
|
0 likes, 1 repeats |
|
|
|
Let's continue with what's good about me reporting such a thing:Fixing … |
|
|
|
Post #AuggulNRe4c4ZTMYa0 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
What you shouldn’t do?Some actions will only cause you more pain in the long … |
|
|
|
Post #AuggvKki7Z1IHlW8Ce by [email protected] |
|
0 likes, 1 repeats |
|
|
|
What can you do beforehand?There’s one thing you can do in advance that will … |
|
|
|
Post #AuggyO1EQtXHHjhUh6 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
So how should you reply?I recommend that your reply addresses the following poi… |
|
|
|
Post #AuggzTjseQ3pJc6b5c by [email protected] |
|
0 likes, 1 repeats |
|
|
|
Example of a near-perfect replySuch a message would make me very happy:Thank yo… |
|
|
|
Post #Augh0knqh1AwWnZNk8 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
My experience with such disclosuresUnless you’ve planned ahead, you very like… |
|
|
|
Post #AughA78T1wIIOhg2PA by [email protected] |
|
0 likes, 1 repeats |
|
|
|
FootnotesMy disclosure may trigger other legal implications for you. You may ne… |
|
|
|
Post #AughZd9v6ZS8xKWXJ2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@masek (and at the very beginning: "My responsible disclosure will contain… |
|
|
|
Post #AughZdFalTzREvB49A by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer Usually you get a link from me pointing to a file that should very … |
|
|
|
Post #AugjcQxh6t8Vu7Gmlk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@masek Do you check the DNS version of security TXT? https://dnssecuritytxt.org… |
|
|
|
Post #AugjcR6uYcVcMha98S by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@tbr I would be surprised if any of the affected companies uses this, but I wil… |
|
|
|
Post #AugkTAn7xhf16HTWHw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@masek The (very sensible) infosec people at my employer seem to prefer that st… |
|
|
|
Post #AugkTAsnccCJNs8384 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@tbr I don't do LinkedIn stalking as I don't use LinkedIn myself. Usual… |
|
|
|
Post #AugkrLISYSoCdFeh6G by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@masek unfortunately, your (probably very good reports) are often mingled with … |
|
|
|
Post #AuglbNT6oR7kgkaUvw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@nieldk Unluckily writing good reports doesn't guarantee good replies.Very … |
|
|
|
Post #AuglbNZUQiED0XZasa by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@masek banks are , in my experience, the toughest to deal with. |
