[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

99% of PGP-encrypted security reports to [email protected] are bogus

Some sanity comedy for the bored:
"99% of the PGP-encrypted emails we get to security at golang.org are
bogus security reports. Whereas "cleartext" security reports are only
about 5-10% bogus. Getting a PGP-encrypted email to
security at golang.org has basically become a reliable signal that the
report is going to be bogus, so I stopped caring about spending the 5
minutes decrypting the damn thing (logging in to the key server to
get the key, remembering how to use gpg)."
â?? Brad Fitzpatrick
Quote: https://news.ycombinator.com/item?id=14123388
courtesy this week's LWN briefs https://lwn.net/Articles/721184/