

Show HN: Easy email notifications for major security vulnerabilities. - cbarber
http://www.vulnerable.co/

======
ics
Great idea! Mind if I ask how you're curating the data that you send out? That
is, if you're doing it manually then it's basically a 'better than nothing,
probably' approach because the people benefiting from the service would be
those who presumably _aren't_ combing the web for vulnerabilities therefore
making them pretty reliant on you and your information– whether it's from the
dev-core, netsec, or plain-old-HN outrage.

1) Are you doing an automated scrape of data? If so, who are your sources? 2)
What do you consider "the most important" vulnerabilities? Any plans for
letting this be user selectable (i.e. at signup decide whether you want _all_
or _critical_ , etc.)?

Aside: It would also be nice if you provided a sample email on the frontpage,
otherwise people just have to sign up and wait to see if the service is what
they expect.

------
kmf
Personal preference here, but 5 (!) links to the sign-up page seems a bit
much. You could safely drop the bottom three and keep the navigation choice
and the hero button - it's pretty clear how to register already.

~~~
cbarber
Fixed. Great point.

Btw - the site is being served statically though Heroku [1]. This is the first
time I have tried this out, and it worked fantastically.

[1] [http://kennethreitz.org/exposures/static-sites-on-heroku-
ced...](http://kennethreitz.org/exposures/static-sites-on-heroku-cedar)

------
jayferd
Timely, given the recent PyPI breach and Rails/Ruby YAML parsing
vulnerabilities.

