Security

In Expatistan we understand that security is a very important aspect of web applications, and we take security seriously. We take appropriate steps to make your usage of Expatistan.com safe and secure for you and for your data. These include:

  1. Encrypting all sensitive information transmitted between your computers and our computers, in the same fashion that e.g. banks use to protect customer account information.
  2. Following industry standard practices to secure our servers. These include routinely updating the software installed on our servers, physically protecting access to them, restricting access by password and other technological countermeasures, not storing plain-text passwords in the database, etc.
  3. Restricting access to your data to our employees and third-party partners who absolutely need that access to provide service to you.

Vulnerability Reporting

As the founder of Expatistan, I can say that everyone at Expatistan is grateful for the contributions to software security made by security researchers in our industry. If you believe you have discovered a security vulnerability in Expatistan, please contact me directly at gerardo@expatistan.com with as much information as possible about the security issue, how to exploit it or reproduce it, and any other helpful information. You will have my full and immediate attention.

You may use the following PGP key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.10 (GNU/Linux)

mQENBFJox4wBCADLyR1xRURR0+HXpbFpSuCGB7HYg4JqNbBVyuPvWVu4XVmnXuNW
6LyKVPVYR7QU3lpr8OL3iy6X+w+wzwiShgMjs1hpX1CxEUPRRNyrLgqgta/DTIJO
NQiUCUPbQvbc2bLITJ0o62fB98N3CirL7bh8sveB943AmO4091XpBN0n8bbH3yL0
ZjLc8e4R5xKcNkhq8eVr1joY8OfxnfXxOThwtKQ55wcsz7TULqaQnKkH8zmuU7sN
0dWnwhuhyISbeCGNZlnHX8FIfrkJKHt5puL6h+3/ucVHmXN2lt/aC7w47iSUvou3
qjhtdmh69KMnCnj5q2qFXlb3hLnwCuhn3crfABEBAAG0K0dlcmFyZG8gUm9ibGVk
aWxsbyA8Z2VyYXJkb0BleHBhdGlzdGFuLmNvbT6JATgEEwECACIFAlJox4wCGwMG
CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELazxCms6v9ZDL8H/3sAkVfiB5p4
NnpfMGB6nTHy/VE0LRgDegRUza2F3U4+z1cCMfE3YAPhGuOKMxuouZ+LNRmFOZ57
F4bw5OmvbIF+Ygu19Ra9gYfwzr+sjplum+PVJ0R3ATXVd9KjwC4BiN+hdTZs8MjZ
jbKWRzI/DqWG5hVWJsyiaiqfN6YIp0/VlLe7K525OvYBdlDXB15AWnGP5xwQCYZ2
cDcTcrh6ZN08s86MABwXGR+JTY1RurM0V/AUzoK4miWAL+JEBiMKzzkp9ZwANCrS
aZJGYEhJE3ZX5sy0tSKyDX7EOyOivzU+n3Q536emcxK2HFgC87S2kGcf9oO6ZxBL
V8aE1Hi6gxS5AQ0EUmjHjAEIAMduXNYRkngthnmJBvuQTKUjuL4/TecBKLCY/upF
yhSJg+Q/QKRPsGbx1mTXDZwX2DKdW2pHT8mSAmWGKBZbOAeBIUZqFgBV5mrWTeRU
rNBzd5RPCSYQauj2QcIjzOPXwZaEdJQJsJ5QE6gRBjcrx/P9hhuRg1AgJvSb2eMq
ZRdkqjySMjcQiW4/frRbDvgmh6llVYzUVcrsYGILUPuSoLp3jMj5kaDXrQ2my8EG
Cjt121j0UQGLnEZQl9bOByoGL7GB1gyaBAKLSDwTi+d3r97iC59pF89zuFBDnGKd
g1oIbsdYPMK1PqmS76ldqE7ZXLXc5qF075wwJeNjruAdKAEAEQEAAYkBHwQYAQIA
CQUCUmjHjAIbDAAKCRC2s8QprOr/WYToB/99RS8LDvES2uo9LA7zLN8zwsz8cOF0
auLhn3GGmegTxg46bqjI0Fx7ByjgZ442D8t5eIT/ZuTqEEtnQFqLebRFVwaSAakD
pO0oCoxQAlrWZ7unYzaY7ajSfrZjNb7IyGslHAfa5m2OyVB3vj1QB8mR9eQLSwj7
xfmW36oI5VonnzZe6iqcbqPmNZYf4kBNqduXhIDbesw3F0HdawYO551/ESNJAqg9
FCQeXszf/NuR+WI3wHmYtrLLQjdNqefU3qsmpxNUjk6Y/ntDExJoaNVapZpBgi/9
J4BbeNP0s+hfK8LUkkxzsGCeg1gGkIXdgqxXaWU4W1HsFXMAmdGnpZNF
=Odeu
-----END PGP PUBLIC KEY BLOCK-----
  

Fingerprint:

6FD8 F1EC 92FE AEC0 7622 CDFD B6B3 C429 ACEA FF59

Thank you for your help

We appreciate the time and work it took to discover and report security vulnerabilities. The following people helped us to find, fix, and disclose security vulnerabilities safely:

(an * indicates two or more vulnerabilities have been reported)