lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 18 Dec 2008 22:11:45 +0000
From: Chris Pritchard <mailinglist@...iniacghost.co.uk>
To: xyberpix <xyberpix@...erpix.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Urgent Google Contact

Reporting Security Issues

If you are a Google user and have a security issue to report regarding  
your personal Google account, please visit our contact page. This  
includes password problems, login issues, spam reports, suspected  
fraud and account abuse issues.

If you have discovered a vulnerability in a Google product or have a  
security incident to report, please email security@...gle.com. Please  
include a detailed summary of the issue including the name of the  
product (e.g., Gmail) and the nature of the issue you believe you've  
discovered. Be sure to include an email address where we can reach you  
in case we need more information.

This process of notifying a vendor before publicly releasing  
information is an industry-standard best practice known as responsible  
disclosure. Responsible disclosure is important to the ecology of the  
Internet. It allows companies like Google to keep users safe by fixing  
vulnerabilities and resolving security concerns before they are  
brought to the attention of the bad guys. We strongly encourage anyone  
who is interested in researching and reporting security issues to  
observe the simple courtesies and protocols of responsible disclosure.

Working together helps make the online experience safer for everyone.

We take security issues seriously and will respond swiftly to fix  
verifiable security issues. Some of our products are complex and take  
time to update. When properly notified of legitimate issues, we'll do  
our best to acknowledge your emailed report, assign resources to  
investigate the issue, and fix potential problems as quickly as  
possible.

We value the security of Google services as well as your privacy when  
you report vulnerabilities or incidents to us. If you feel the need,  
please use our public key to encrypt your communications with us when  
sending email to security@...gle.com.

- from http://www.google.com/corporate/security.html

On 18 Dec 2008, at 21:46, xyberpix wrote:

> Hi all,
>
> Does anyone have contact details for anyone at Google's security
> department at all?
>
> TIA
> xyberpix
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ