Dear IT-humans: Please do yourselves a favour and create security@ as an email address on all of your domains which is actually routed and read by someone with knowledge about your IT!
That way you make it easy for people who accidentally stumble upon security issues with your infrastructure to actually report them to you.
The sheer fact of having and reading security@ (as mandated by RFC 2142) will help improving your IT security.
It is proven! I am metalplates on Keybase: https://keybase.io/metalplates/sigchain#0e9a404d1badcda44b2be15bd731cd8914c8355878fa985c31d091504146d2580f
Like think about the kind of web we could self-host without having to pay for web hosting providers to rent tiny slices of computing time. Pretty much every home machine is way overpowered for web hosting, and you can buy dedicated hardware for hosting for just a few dollars now. ISPs are Soo hostile to this, though: data caps, double nat'ing, refusing to roll out ipv6, charging ridiculous amounts for static ips... All of it is just a disaster when you think about what the internet could be.
sysadmin, cyberpunk, gamer