4·
1 month agoWell, they did it anyways, so…
Also this might work as an answer to “yeah, it’s a bug, but we won’t pay you”
Former Reddfugee, found a new home on feddit.de. Server errors made me switch to discuss.tchncs.de. Now finally @ home on feddit.org.
Likes music, tech, programming, board games and video games. Oh… and coffee, lots of coffee!
I � Unicode!
- 0 Posts
- 8 Comments
Joined 5 months ago
Cake day: June 21st, 2024
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I couldn’t help but find it amusing—they were now asking me to keep the report confidential, despite having initially dismissed it as out of scope.
“Sorry, but per your own guidelines this is out of scope. Because of this, this bug is not part of the agreement and guidelines on Hackerone. You can find my full disclosure, that I wrote after your dismissal here: <Link>” /s
Imagine getting a 404 or 500 error. Then archiving that on archive.org (and screenshot that dialog on steam) and accept the terms. If there’s any problem and they say you violated the EULA, point them to the terms you accepted.
They now run Arch btw
assert triangleObject.shouldFitInHole(triangleHole) == true assert triangleObject.shouldFitInHole(squareHole) == false
Since almost everything on the right would be located in /home/<username> on the left, it should include some of the subdirectories of %windir%\
I did that once with another company. The result was that I got an abuse complaint from them and my domain got on a spam blacklist for a while.
Since then, for such mails it’s only abuse reports and sinkhole their domain if possible.
I don’t know the Immich API, but I’ve seen several REST APIs that used the usual pattern of
GET /api/v1/user/<id> - read user POST /api/v1/user/ - create user ...but also allowed
GET /api/v1/user/<id> - read user GET /api/v1/user/?action=create - create user ...