We take the security of our infrastructure and operating system seriously. Personal data is an important resource, and we want to ensure users can place their trust in Haiku.
Our infrastructure contains sensitive personal user data, and we aggressively keep this information private on a need-to-know basis at all times.
If you have discovered a vulnerability, CVE, or exploit that you believe puts user data at risk, please submit a detailed report to firstname.lastname@example.org. Haiku, Inc. will ensure a rapid response from our infrastructure / sysadmin team.
Our infrastructure team will correct the vulnerability, and work with Haiku, Inc. to disclose the scope of the breach to the impacted users.
Haiku (the operating system)
While Haiku is under heavy development, we still desire to create a secure operating system free of any major vulnerabilities. Our developers on the development mailing list would be interested in discussing any security issues within Haiku.
Haikuports (ported software)
Any serious vulnerabilities should be reported to the Haikuports issue tracker