Since this project has a relatively "low-stake" development phase, but has a relatively "high-stake" practical applications (i.e. problemsetting in contests), security issues might be one of the important concerns right now.
I tried to write the security rules carefully. However, there may still be bugs or "security holes". Penetration tests and bug reports are appreciated.
Even though I think I'm careful, but as long as I cannot prove rigorously that this thing is "secure", I'm always prepared to accept "security holes". For normal users: please keep in mind that there MAY be security holes which haven't been found yet. And if I find it I'll report ASAP. Nevertheless, I'm going to trust my procedures for now because I'm pretty sure (as of myself) that I'm careful enough. (And again, my sure can't be so sure as long as I can't prove it, so ... I'd sadly ask you to take the risk until we can certify the security of this thing)
If you want to do some pentest or manage the security at a higher level, feel free to contact me. (or at least give some comments in this issue)
Since this project has a relatively "low-stake" development phase, but has a relatively "high-stake" practical applications (i.e. problemsetting in contests), security issues might be one of the important concerns right now.
I tried to write the security rules carefully. However, there may still be bugs or "security holes". Penetration tests and bug reports are appreciated.
Even though I think I'm careful, but as long as I cannot prove rigorously that this thing is "secure", I'm always prepared to accept "security holes". For normal users: please keep in mind that there MAY be security holes which haven't been found yet. And if I find it I'll report ASAP. Nevertheless, I'm going to trust my procedures for now because I'm pretty sure (as of myself) that I'm careful enough. (And again, my sure can't be so sure as long as I can't prove it, so ... I'd sadly ask you to take the risk until we can certify the security of this thing)
If you want to do some pentest or manage the security at a higher level, feel free to contact me. (or at least give some comments in this issue)