Home Vulnerability Reporting Policy

Vulnerability Reporting

Reporting a Suspected Vulnerability

If you believe you’ve discovered a security or privacy vulnerability affecting Bathyscope LLC products we encourage you to report it to us.

You can share details suspected vulnerability with us by sending an email to security@bathyscope.io that includes:

  • A description of the vulnerability
  • The hardware and/or software configuration(s) you believe are affected
  • Detailed steps to reproduce the issue
  • Proof of concept or exploit code

If you want to send an encrypted message, you can use this PGP Key.

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQGNBF5fS3ABDADug9EFeDHWZ3RU7TiiRytpiT0hrNZqXUtsBEgpzRDVNI+hVRfn
Lt4Bkaf7vVkcqO6ZpAWOmvZ0Ct4PU7BIA6fLQLhEKdvTeRKFyHHMAOKC64kGAE7A
BLUd6YcJ0swJey+tuwAjOR/70Ux6gLws1lPlJBcLpomwjIG3EmBP7FOl31rRO0cK
sTpGbQDJ5aUvLdDD/mfI5B84ZDW7jgPYi7kvMmZGHbX0lqi28+NiZzDNMJBUQ8O+
p0TLOWnndjFDH+xgWmpp29yQdbf17PhQLz/MOJvyMp8s8P0RbJpTDbhbhP/ymdup
K9M9H4KxDBk3Zu6VPKHPzVVmEPojdGrzEsuEVXPednZPK1EhSNStsaJ0GSoUKEjw
ciXD6N8E6AYhU3sNfd/ZfMls5CTJqud2YlcDUrAxsH1NhYr3V7crgWKRhaVuhTz1
QhXP2BWOj9ooS/+71h3XdhQce509huL/Vswfu1aWKZJNNf1IiptgDLXmuLXP2bjk
z7FirIfdMbuscfsAEQEAAbQsQmF0aHlzY29wZSBTZWN1cml0eSA8c2VjdXJpdHlA
YmF0aHlzY29wZS5pbz6JAdQEEwEKAD4WIQSU0JsMv8bMEm1gFIIYc9pjt8KsHAUC
Xl9LcAIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAYc9pjt8Ks
HEp2DADULGToK0iJUjGaLSqZ/FAvjni0VRCxWzCBfqm4Wgc/5BzERyBVuguBqCij
KMXitJ3dk807rU3KIMGUXyLHkbOcCrMvquD9xA7HGyv2d7U3LMYKBA2EhEGTg70F
F0vfrGwGpAk+MkRSrXkSgHn+h/HOK0/etJ728dj1bBawLnTtuoJGVZxaaLEdS8l3
5rzGGFrSzKaJX2JqDJYsG26JLLyksih+neL90vO27/ONdbq71nnnyfwfxRzLvFGz
QiOLReT9uHPwYy3WzbJvBKMHMpm21tdgGCn2oE2DB0tp9XGpf45PQ6aQvyYMTvc2
Yfhke5lTUamqBolmFOOzUgtrHfjUfBhdsKG23lRasph3lMDSJWifdFy2OtwU4rk/
EyUeTdYe9dMG/Bl/eY6mp96kuuBInIf0TMWgoMpAVrLD5bcZaGmUz2T5/8t05Bl4
dQyi2Y3x6Ei2W/k8Q6wEIWhlUgmDaA6Q7K2urBZpHeOJvQB8h7cIt8ye8SwP1Tom
hAqEF5+5AY0EXl9LcAEMAMkJnOmREBjbPOst7f0VrnPp+OlSgWQYoYpd+L3mdo96
MghnvyQVneMJhOHdZkSGYirq0yWRdeg7jDdjvY98WwnAbcwYUCYbSb+GTwbvglRX
kCArU1prmntRbmpsaZorooMOvD1c+YdP9E6uKuH30HLvVIhoMiunJVugjw3qHGuK
vCxLV4cVxNFCueGWaUUfjtWIUKF4MGLd+ZsPn9NOYWSgi1AC5fF6aWr+4utSa42H
EWXKcbQ24B8VHQRZaN/l5pQ9Tc+8gKhvY5caqSENWXnGfLJTvktreujfZ6lyA4RL
3FXrduepOR4Bx0XXwtcIRqGk5FXIebt4XXbvf0bpkteNrFQ7Gq4TLZTyc2UKYLcI
PKq9700LHOUqp82DZ+k8Je5PRYY/oKvhnealyCsyNSj/VqBOyTXb6sjO90gNzIXh
Q9JaACD1WwU7jqcg6MgNe7EwJdWaDSrLqzNRUo45e51JivWqqhwhXjk8caCaj31z
aecChvySpFjgpmVX0cXB1wARAQABiQG8BBgBCgAmFiEElNCbDL/GzBJtYBSCGHPa
Y7fCrBwFAl5fS3ACGwwFCQPCZwAACgkQGHPaY7fCrBwz1Av/epRxGrIEvDR7SK6A
j5dPV+hjqDGSGoPklN0Q+xn14lxVFFzNJ7XiqlMDa92owEFye6z7fIhVThZLRZjD
hHJriVQiUBY74DVKsGoXWMHrQRMk/z0410lRjalVrTR9KiqkhVaw9NvebgNj9FsJ
mjzRA1mVGAr3YyXZHrHOW4FXiZRtYc8lUsg+wiywz00wgL23XiCmqwBQlG83TBI3
r1BFWtI3p3Jr6qoBtQ+M+2qt8oZrDuPdFMt8eD430rk/BpBTnswXws9fix8xlVFc
phzT0tOJlPt5rS57JDXD4tLiNKidgt7vkxAOSxHuXWemjSpsDhsxUdNQl5oA6IsC
2uU55AmE9fkFfm3+L4XdWQU4mHTZL6Wf8+ib/SujHDSUY3rObbyJiP2vDMfmOwph
qRFGhY0sgz7w/JEIKjY5K6fZb0RlOhsKrWKiU+l4lp1+LJGDZ5g9iYcxFxyVGuNr
Jew8EgLrmANMl9mknLGLSU5Ri4RauSMAhIlnJoeMyXCaEKRD
=whPX
-----END PGP PUBLIC KEY BLOCK-----

Handling of Vulnerability Reports

Bathyscope LLC takes reporting of security and privacy issues seriously. Upon receipt of a report Bathyscope LLC will:

  • Acknowledge receipt of the report
  • Triage the report and follow up with the reporter if more information is needed
  • For verified issues and with the reporter’s permission, publicly acknowledge the reporter for their report

Coordinated Disclosure

Bathyscope LLC follows Coordinated Vulnerability Disclosure and we ask that anyone reporting a security or privacy issue do the same.

For more information see ISO/IEC 29147:2018 on Vulnerability Disclosure.