I have uploaded the email here:

morpheuskafka • last Tuesday at 11:04 PM • 2 replies • view on HN

I have uploaded the email here: https://gist.github.com/aidanbh/3da7cecb3e2496e5c5110b88f21b...

(technically, I guess that doesn't prove anything other than it is in my Sent folder? it has a message ID but I guess only the purelymail admin could confirm that)

In any event, this should never have required an outside reminder. The indexing issue may be something non obvious. But the core decision not to use signed/expiring URLs is nothing less than good old security by obscurity.

Replies

trollbridge • last Wednesday at 12:11 AM

I've contacted fiverr before about obvious fraud being conducted through their platform, and they just sent me in endless loops of "open a ticket". "No, e-mail us about it." "No, e-mail us at our security contact about it." Crickets, and then a response saying to please open a ticket.

Basically, they aren't set up for anyone to actually contact them and expect a resolution.

➕ show 1 reply

eudamoniac • last Wednesday at 4:06 AM

I wouldn't be surprised if their email blocks all unusual TLDs like your .dev.

➕ show 2 replies

alt Hacker News

Replies