"[…] full disclosure vulnerability policy. Please do NOT attempt to report any security vulnerability in this code privately to anybody." +1
-
-
-
wait I thought this was the opposite of best-practice? Is there a counter-movement to prevent, like, exploit hoarding?
-
Nope, this is the best practice.
-
Got any good links? What's the argument against priv disclosure? Naively, pub disclosure gives exploits more time before patch?
-
It's somewhat controversial. See e.g. https://security.googleblog.com/2010/07/rebooting-responsible-disclosure-focus.html …
End of conversation
New conversation -
-
-
@durumcrustulum Well, thanks for fixing it

-
I believe I didn't "fix" anything as I think it was working before. I just shared some efficiency tweaks.
-
Much appreciated! More improvements coming soon :)
-
Great. I bet you're already doing the things I was about to suggest. I'll watch the project.
End of conversation
New conversation -
-
-
Wouldn't throw it out just yet, e.g. if you want to extend the tree, iterate over the tree, or generate proofs in less than O(n)
-
I got the impression that they are aware of some areas for improvement and have some changes planned already.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.