10 comments

[ 4.6 ms ] story [ 31.0 ms ] thread
> Priority will be granted to encrypted reports – please include your PGP public key with such reports.

Is this a common thing? Why should they give priority to encrypted reports?

Shouldn't they give priority to unencrypted ones since they're ostensibly more likely to be publicly exposed?
It could be a somewhat arbitrary bar to separate the wheat from the chaff. If they get a lot of questionable submissions, prioritizing encrypted submissions means prioritizing submitters who at least know enough to use encryption.
And? Lots of companies do; it's a best practice.
Yep. Also lots of companies that should do it, but doesn’t.
The title on this story changed long after I wrote this; the original title was something like, "Tesla accepts reports encrypted to a PGP key."
I thought it was an interesting position for what is ostensibly a car company to take. If this is common for car companies, who are more and more becoming software companies, I was unaware.

Also, personally I’m a big fan of yours.