Laws on the books rarely change, plenty of places have silly leftovers like laws about where you can park your horse.
And I was thinking it was a disease.
Please don't help this country. It needs to fall apart.
I am never filing any vulnerability disclosure under my real name and neither my pseudonym. I've learned this lesson the hard way. Incompetence gets never punished, because intentions do not matter in front of the law - and especially not in front of a criminalizing-by-default law.
Only mad men file responsible disclosures under their real name and risk going to prison because of barbaric laws. Don't be that fool.
CCB does some strange things indeed.
His long, unbreakable password that he only knows by heart can be leaked by any of the services he uses it for, if he uses it for more than one.
Weak password + name of the service is one of the first combinations tried by attackers.
Random complex password but relying on e-mail recovery for unimportant and rarely used services, instead, seems ok (but it takes very little to save a password in a password manager).
It's not a great look that his site doesn't support tls, by the way
userbinator•7mo ago
Stay anonymous, look up extradition laws to be extra-safe.