Thank you for taking the time to consider the security of other people! If you’ve found a security vulnerability with any of my infrastructure, I’d greatly appreciate an email. If the vulnerability is sensitive enough, please consider encrypting the contents with my public key (Key ID 0x30856D4EA0FFBA8F).

As soon as I receive any reports, I’ll respond as soon as possible then begin confirming it myself. Once I’ve addressed the issue I’ll publish both an acknowledgement on this page and write a post on addressing the vulnerability. You’re welcome (and I encourage you) to publish your analysis and I will happily link to it in both places.

Alternatively, if one the configs I’ve published on my site has a flaw I’d love to hear about that as well and will also give you an acknowledgement here and on the page with the effected config.


Currently, I haven’t received any security reports. Thanks for your consideration