Port-vax archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Bountysource campaign for gcc-vax



> On May 28, 2020, at 4:57 AM, Mouse <mouse%Rodents-Montreal.ORG@localhost> wrote:
> 
> Even if it's _not_ an outright scam (one non-scam campaign does not a
> trustworthy organization make), it sounds as though it's badly run,
> badly enough that the risk that its authentication and authorization
> database has been, or will be, compromised is even higher than it is
> for most organizations (and that latter is already uncomfortably high
> to some, such as me).

Actually, I appreciate that they are using (large) 3rd-party services for authentication and payment processing specifically because that way this small organization doesn't have to roll their own, with the likelihood that doing so would almost certainly make them more vulnerable to compromise.

-- thorpej



Home | Main Index | Thread Index | Old Index