jring-o
commented
6 years ago Thank you for getting this moving CM!
I think a clearly marked "Security Disclosure" section under a "contact" page will do wonders for Gridcoin development and reputation.
For those who do not wish to use slack, we could direct them to a specific e-mail, perhaps multidev, perhaps not, whatever structure we want.
While we're at it, what if we set up more direct communication channels for other types of contact:
Media Marketing Development Business Proposals Partnerships Researchers (for people who want to make projects with BOINC and fund them with GRC but don't know where to start, for example)
and whatever else we can come up with.
This will break up contact so no 1 person must deal with all the different e-mail GRC receives. If these are added to a General@gridcoin (or whatever) e-mail, it will also act as a natural filter for people asking random questions and people with specific intent.
barton2526
grctest
Due to a lack of communication & established security disclosure instructions, several security researchers have published rather negative research against Gridcoin citing a lack of communication/attention by the devs.
Ideally, we should not promote contact@gridcoin.us as the main contact point as this isn't a team email account but rather monitored by Rob (who in this scenario allegedly ignored/missed the researchers subsequent emails).
We should route researchers towards Slack's #development channel, or instruct them to contact an admin/op/mod on irc/telegram/slack/cryptocointalk. Had the researchers reached out via chat, they would have had more attention paid to them by many users.