Report Security Issues
security [at] johlem [dot] net
Include:
- Description of vulnerability
- Steps to reproduce
- Potential impact
- Proof-of-concept (if applicable)
Scope
In scope: johlem.net, *.johlem.net, all security tools
Out of scope: Social engineering, physical attacks, DoS, spam, third-party services
Guidelines
- Do not access/modify/delete others' data
- Do not disrupt services
- Do not exploit beyond proof-of-concept
- Give reasonable time before disclosure
- Act in good faith
Our Response
- Acknowledgment: 48 business hours
- Assessment: 5 business days
- Updates: Every 2 weeks
Safe Harbor
Research following this policy is authorized. We will not pursue legal action against compliant researchers.
Recognition
With permission, we acknowledge contributions. No monetary rewards currently offered.
Contact
Security: security [at] johlem [dot] net
PGP: Available on request
security.txt