So it's been "on review" for more than a year now?! So the filter is basically unidirectional since they apparently don't care about false positives. I wonder who else uses that filter database provider
Oh, and Microsoft includes that adult software in their operating system. Can someone report to Vodafone that all Windows PCs must be blocked because they run adult content. Except for those who have deleted curl.exe of course...
Roughly the same thing happened to me, although it only took 11 months to get the visa. It happened to so many people at the company I work for (IBM / Red Hat) that they eventually gathered together testimonials from everyone and sent them to one of the senators where Red Hat is based in North Carolina, and magically everyone's visa "problem" was resolved within 2 weeks. The root cause is that Trump defunded the relevant sections of the State Department: https://www.economist.com/united-states/2022/07/28/americas-...
Do you have your process of how to handle bug reports written down? I'd love to see it, especially if it includes what data you gather, like the commit that introduced a bug.
I guess it's probably in everything curl or will be?
I only record the introduction commit for security flaws as they are rare and important enough to give that level of attention. And that's not a mandatory or required step in our process, I do it mostly as a service for users and to satisfy my own curiosity.
Thanks everyone for the positiveness and expression of appreciation I've sensed here. The threat has been reported to the police and I'll move on. I love you all. Now I'll go back and continue working on curl.
Thank you for your useful project and sorry you have to deal with this. Consider reporting to US authorities as well if you have not done so, (or wherever you think the threat may have originated from).
I doubt it. If it is enabled, I don't see how the hacker could've circumvented it. I wonder if @bagder uses 1Password or something similar for 2FAs. Would love to know once this gets resolved.
I rather refrain from speculating as I truly have no idea! As I describe in my blog post, I just got an email saying "someone" had logged into my account from a new device and then I was kicked out (as that user then changed password and email presumably).
Discussed on this very site for example back in 2022: https://news.ycombinator.com/item?id=31248250