The section quoted below is poorly worded. The feature was improperly designed/deployed if it exposed the email in the browser that the password reset was sent to. But thank you for the quick disclosure. Perhaps use this as a teaching moment on #nostr responsible disclosure of #security issues from the community. Incentivize it with a Bitcoin bug bounty in the future. Alby is still a fundamentally valuable service for me personally. " ... publicly exposed by their owner. Password request emails also have been requested for lightning addresses which falsely exposed the user's email address. This had been a feature deployed to help users keep easy access to their accounts. But as many users post their lightning address on profiles like nostr this should not be exposed and a fix has been deployed immediately. Generally there should be no way to display a user's email address. We have failed here. About 5500 password reset emails had been requested by the attacker. View quoted note →

😎

It’s finally here. The MicroLab 1.0 – Four Thieves Vinegar Collective

Hrm. Apple services just took a hit.

GM.

She is so beautiful after grooming 💕 #GreatPyrenees

This went well. Nutrition was on point. No issues. 50K train next week. Less than month out to taper for 100K. #runstr

The hardest step is often one: the first. Headed out for 5 hour train. 100K is nigh. Stay healthy. Stay on plan. #runstr

Haven blossom test

Do hard things that make you uncomfortable in beautiful places