Yet another reason not to use 's proprietary video conferencing service. They care more about their public image than their users' security, and lie about trying to silence security researchers doing responsible disclosure with hush money:

There are a number of hosted or self-hostable alternatives, including , as well as conferencing apps like , and protocols like .

@strypey isn't it normal for security researchers to basically go "give me 50$ or I'll tell everyone there's a bug"?


@icedquinn no. The article talks about how responsible disclosure and bug bounties are supposed to work. TL;DR public disclosure, with a delay to allow fixes to be applied, is the norm.

Mastodon - NZOSS
