The end of the #curl bug-bounty
https://daniel.haxx.se/blog/2026/01/26/the-end-of-the-curl-bug-bounty/
@bagder not sure if intentional but the article title from pressmind.org had all of its polish utf-8 characters replaced with "?"
-
@Mae argh, I think that's just wordpress being annoying...
-
@bagder yea, GHSA drafts are decent, but I really wish I could disclose a report that has been declined. Github, please?
@seanmonstar @bagder Yep... I called for exactly this from platforms: https://sethmlarson.dev/slop-security-reports#what-platforms-can-do
Primarily so that maintainers can collaborate against this sort of behavior, but also to make bad actors known.
-
@sethmlarson @seanmonstar I have a meeting with someone at Github in a few hours. I will bring this up!
-
@bagder a sad, but understandable decision
-
@bagder without reading the article I knew why
Maybe submitting a report should cost something? The people that are confident about their findings would get the reward that easily pays for that. For the slop that's just too expensive.
Sounds weird but... maybe?
-
@tcurdt so when you read the post you can read my answer to that question!
-
Sorry, I was too quick with my reply
Yeah, I can see receiving a fee being a pain, too. Especially the uneven barrier to entry feels unfair.
-
@bagder Makes sense to end the paid program, given the quantity of slop it was receiving. It's too bad because paid bug bounties can be helpful in surfacing real problems, but it makes sense given the circumstances.
Kind of unfortunate to use an AI slop header image along with it, though, don't you think?
-
@bagder Where's that header image from?
-