Tweeted. No content guarantees. 

Best of luck to Epic in their bullshit process.
---
RT @geerlingguy
lol for one of my #opensource projects, an #infosec employee at @EpicGames emailed me this questionnaire with over 100 questions and wants me to fill it out so *they* can use my freely available open source software.

No.
twitter.com/geerlingguy/status

Tweeted. No content guarantees. 

@offby1 ahaha, I have seen these after Log4shell stuff hit, billion dollar companies sending "security questionnaires" to FLOSS projects they rely on (read: exploit) in their products.

The correct response to this is, of course, either "fsck right off" or "filling this out will take me X hours, my rate for this is $YYYY, whom should I invoice?"

Tweeted. No content guarantees. 

@rysiek @offby1 How about they audit your source code and contribute patches 🤦

Tweeted. No content guarantees. 

@gunchleoc @offby1 "reviewing your patches will take me X hours, my rate for this is $YYYY"

Tweeted. No content guarantees. 

@humanetech @gunchleoc @offby1 yes, see also the start of this thread 😉

Tweeted. No content guarantees. 

@rysiek @gunchleoc @offby1

Yes, but I do not see a HN discussion link, though 🤔

Tweeted. No content guarantees. 

@humanetech @gunchleoc @offby1 ah, fair! Sorry, jumped the gun here a bit.

Sign in to participate in the conversation
Mastodon

The original server operated by the Mastodon gGmbH non-profit