privacyguides/privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

Add Security Policy #1001

Merged
jonah merged 2 commits from security-policy into master 2019-07-09 11:52:20 +00:00
Conversation 8 Commits 2 Files Changed 2 +36
jonah commented 2019-06-20 21:32:12 +00:00
Owner
Copy Link

As recommended in #988:

Since privacytools.io has somewhat recently become a service provider, I suggest we have an official bug reporting policy.

This sounds good to me. I added some basic instructions to a security policy file, do you think this is enough or well-constructed? Let me know if anything should be added @beardog108.

Closes #988

As recommended in #988: > Since privacytools.io has somewhat recently become a service provider, I suggest we have an official bug reporting policy. This sounds good to me. I added some basic instructions to a security policy file, do you think this is enough or well-constructed? Let me know if anything should be added @beardog108. --- Closes #988
Mikaela (Migrated from github.com) reviewed 2019-06-20 21:32:12 +00:00
blacklight447 (Migrated from github.com) reviewed 2019-06-20 21:32:12 +00:00
netlify[bot] commented 2019-06-20 21:32:55 +00:00 (Migrated from github.com)
Author
Owner
Copy Link

Deploy preview for privacytools-io ready!

Built with commit ad344be456

https://deploy-preview-1001--privacytools-io.netlify.com

Deploy preview for *privacytools-io* ready! Built with commit ad344be456504a6f309d860c1d280917f6f4f39d https://deploy-preview-1001--privacytools-io.netlify.com
ghost commented 2019-06-20 21:40:32 +00:00 (Migrated from github.com)
Author
Owner
Copy Link

Thanks for adding. Looks pretty good, but i'd clarify that user & admin accounts not owned by the tester are out of scope as well.

Thanks for adding. Looks pretty good, but i'd clarify that user & admin accounts not owned by the tester are out of scope as well.
👍 1
ghbjklhv (Migrated from github.com) reviewed 2019-06-21 22:09:48 +00:00
SECURITY.md
@ -0,0 +20,4 @@
* Reports against infrastructure outside our control
* User or admin accounts not owned by the tester
## Disclosure Policy
ghbjklhv (Migrated from github.com) commented 2019-06-21 22:09:48 +00:00
Author
Owner

This does not seem to include if users will be informed in case data is leaked.

My understanding is that social.privacytools.io and other services collect information like email.
What happens if this information gets stolen? How would users be informed?

This does not seem to include if users will be informed in case data is leaked. My understanding is that social.privacytools.io and other services collect information like email. What happens if this information gets stolen? How would users be informed?
jonah reviewed 2019-06-22 00:14:07 +00:00
SECURITY.md
@ -0,0 +20,4 @@
* Reports against infrastructure outside our control
* User or admin accounts not owned by the tester
## Disclosure Policy
jonah commented 2019-06-22 00:14:07 +00:00
Author
Owner

Added info to ad344be

Added info to ad344be
jonah approved these changes 2019-06-22 06:59:48 +00:00
privacytoolsIO (Migrated from github.com) approved these changes 2019-07-09 11:52:12 +00:00
This repo is archived. You cannot comment on pull requests.
Reviewers
No Reviewers
jonah
Mikaela
blacklight447
privacytoolsIO
Labels
Clear labels
🔍🤖 Search Engines
approved
approved, waiting for a PR
dependencies
Pull requests that update a dependency file
duplicate
feedback wanted
high priority
I2P
The Invisible Internet Project (I2P)
iOS
low priority
OS
Operating Systems
Self-contained networks
Social media
stale
A label for stalebot if it gets added
streaming
Anything related to media streaming.
todo
Tor
Anything covering the Tor network
WIP
active work in progress, do not merge or PR (yet)!
wontfix
Issues or bugs that will not be fixed and/or do not have significant impact on the project.
XMPP
Extensible Messaging and Presence Protocol
[m]
Matrix protocol
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
Browser Extension related issues
enhancement
software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
Correction of content on the website
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
Firefox & forks, about:config etc.
💻 hardware
🌐 hosting
🏠 housekeeping
Anything primarily related to site cleanup.
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
Virtual Private Network
🌐 website issue
*Technical* issues with the website.
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
Domain Name System
🗨️ instant messaging (im)
🇦🇶 translations
Anything covering a translated version of the site
No Label
feedback wanted
Milestone
No items
No Milestone
Assignees
Clear assignees
jonah
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: privacyguides/privacytools.io#1001
No description provided.
Delete Branch "security-policy"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?