Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
p0lr :verified_flashing: (p0lr@infosec.exchange)'s status on Monday, 12-Dec-2022 01:56:47 JST p0lr :verified_flashing:
- Wary Jerry
@jerry I just ran our (mostly passive) security analyzer against infosec.exchange. You did an excellent job hardening the domain, DNS, and the web services. Just wanted to recognize that you put in the time and paid attention to the details. It did not go unnoticed and is appreciated!

In conversation Monday, 12-Dec-2022 01:56:47 JST from infosec.exchange permalink
- Embed this notice
  Kris Nóva (nova@hachyderm.io)'s status on Monday, 12-Dec-2022 01:56:37 JST Kris Nóva
  in reply to
  - Wary Jerry
  @jerry @p0lr
  Would we want to ever “trade and grade”? If that makes sense? I did a really shitty scan of our stuff the other day and I would be happy to begin collaborating on a small effort to just standardize the checks and keep an eye out for the broader community.
  Here’s my work BTW — these have sense been fixed as far as I know.
  https://github.com/hachyderm/security/blob/main/reports/2022-12-02/README.md
  In conversation Monday, 12-Dec-2022 01:56:37 JST permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
    
    security/README.md at main · hachyderm/security
    
    Security resources for Hachyderm. Contribute to hachyderm/security development by creating an account on GitHub.
- Embed this notice
  Wary Jerry (jerry@infosec.exchange)'s status on Monday, 12-Dec-2022 01:56:38 JST Wary Jerry
  in reply to
  
  @p0lr ? thank you. I am not perfect, but trying to do a good job for everyone here.
  
  In conversation Monday, 12-Dec-2022 01:56:38 JST permalink
- Embed this notice
  Kris Nóva (nova@hachyderm.io)'s status on Monday, 12-Dec-2022 02:11:17 JST Kris Nóva
  in reply to
  - Wary Jerry
  @p0lr @jerry we are still working on how we manage this but maybe I can send you an email in January with what I’m thinking?
  
  In conversation Monday, 12-Dec-2022 02:11:17 JST permalink
- Embed this notice
  p0lr :verified_flashing: (p0lr@infosec.exchange)'s status on Monday, 12-Dec-2022 02:11:18 JST p0lr :verified_flashing:
  in reply to
  - Wary Jerry
  - Kris Nóva
  @nova @jerry I'm happy to run assessments for community projects. My company builds this platform and normally charges for these, but if it's for the greater good, I would consider free assessments - especially if the trade points out something we overlooked checking.
  
  In conversation Monday, 12-Dec-2022 02:11:18 JST permalink
- Embed this notice
  Kris Nóva (nova@hachyderm.io)'s status on Monday, 12-Dec-2022 02:39:57 JST Kris Nóva
  in reply to
  - Wary Jerry
  @p0lr @jerry yes! How do I get in touch with you? DMs are hard
  
  In conversation Monday, 12-Dec-2022 02:39:57 JST permalink
- Embed this notice
  p0lr :verified_flashing: (p0lr@infosec.exchange)'s status on Monday, 12-Dec-2022 02:39:58 JST p0lr :verified_flashing:
  in reply to
  - Wary Jerry
  - Kris Nóva
  @nova @jerry Kris, I ran the domain - let me know when you want to review.
  
  In conversation Monday, 12-Dec-2022 02:39:58 JST permalink

Public

Conversation

Notices

Feeds