[breakingcups]

I will say that a "Critical Security Vulnerability in flyctl, update now: https://bad-link/to/update.zip" tweet will have very serious consequences for a portion of your userbase, despite not directly compromising your own infra.

[tptacek]

You could do that yourself today by getting a blue-checked @realFlyDotIo. But there's a paragraph in the article about this, and we know what we would have done had there been any signs of direct attacks on our users.

[zahlman]

> You could do that yourself today by getting a blue-checked @realFlyDotIo

Wouldn't that also require convincing your customers to follow that account?