Angus McIntyre on Nostr: Pro tip: if you're one of those asshats who scans the web for ‘security.txt' files ...
Pro tip: if you're one of those asshats who scans the web for ‘security.txt' files so you can try to sell “security services” or claim bug bounties, it helps if your email correctly identifies the domain on which you claim to have found vulnerabilities.
Because saying "Hey, I found problems on <some-other-site-you-don't-own>, pay me to fix them” makes you look a little bit less than competent.
Published at
2024-02-06 16:38:52Event JSON
{
"id": "0585f03d298dd23174314b23207dd1f7af10ec30626d82a4dfaa4ec04eb19b72",
"pubkey": "aea853736b9ddea2ee9510e3da24f854563e37987b23da82992cea1af39ab554",
"created_at": 1707237532,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/angusm/statuses/111885518942233546",
"activitypub"
]
],
"content": "Pro tip: if you're one of those asshats who scans the web for ‘security.txt' files so you can try to sell “security services” or claim bug bounties, it helps if your email correctly identifies the domain on which you claim to have found vulnerabilities.\n\nBecause saying \"Hey, I found problems on \u003csome-other-site-you-don't-own\u003e, pay me to fix them” makes you look a little bit less than competent.",
"sig": "2957a67c3140e636e3a5023fd72694fa92faed6d9bfed08697cf0bebab55c7ef8fe8422c5ce84eb6748aea14a3381a593856edae60ef93806a4dc421e6abafbd"
}
