We welcome security researchers that practice responsible disclosure and comply with our policies. Programs by Google, Facebook, Mozilla, and others have helped to create a strong bug-hunting community. The GloArty security program has rules for security researchers to comply.
Do not access (or attempt to access) any user’s account or non-public data.
Do not affect or harm other users (or their access to or use of our services).
Do not perform any attack that could harm the reliability or integrity of our services or data. For example, DDoS/spam attacks are strictly prohibited.
Do not publicly disclose a vulnerability before we have resolved it.
Do not perform (or attempt) non-technical attacks, including spam, social engineering, phishing, or physical attacks against our employees, users, or infrastructure.
We'd like to thank those security researchers who have reported issues that we have since resolved. Welcome to participate and help us to protect.