@bagder similar experience on yeswehack. To be fair the platform owners are trying really hard to put a stop to it, but it's like trying to stop a tsunami with a portable umbrella. I'm beginning to think these platforms need to start charging a deposit for any submitted report...

@bagder in a few months time (yes new year's prediction) the industry will have a financial correction of indeterminate size ... after that it will be easier to reason with folks. As with any tech surge, there are a few things that are useful and a lot of speculation ... the scale (and speed) of all this is daunting mostly due to uncontrolled outcomes. Calm heads prevail.

@bagder Alas, I see the same on those security contact aliases I'm still on.

The highlight of the week was someone sending a several pages long report on an "exposed" Grafana instance, with API traces, screenshots, etc pp. Oh no, confidential data leakage! Asked for a bounty and urged to turn off anonymous access.

Yes, my bro, that is the *public* telemetry dashboard.

There's zero amount of thinking happening before they send those out. Asymmetric warfare.

@bagder jfc what a mess

@bagder

Maddening.

And there is probably more than the "indentified slop", as the growth is much higher than that?

@bagder

„The only winning move is not to play.“ ~ Wargames

@bagder Even if you subtract the 35 likely slop submissions the trend stays the same, though. So, is the slop count an underestimation, or are there different root causes?