mirror of
https://github.com/JGoyd/JGoyd.git
synced 2026-07-06 03:47:49 +02:00
4ed1ae48b1
Cases
127 lines
5.2 KiB
Markdown
127 lines
5.2 KiB
Markdown
# Joseph R. Goydish II — Public Evidence System
|
||
|
||
This repository serves as the canonical, cryptographically anchored ledger of my security research (Track B) and regulatory/whistleblower disclosures (Track A).
|
||
|
||
This system is built on an **Active Forensic** architecture. I do not ask for trust; I provide the third-party cryptographic and institutional anchors required for independent verification.
|
||
|
||
## Core Metrics
|
||
- **Total Cases:** 27
|
||
- **Verifiable Timeline Events:** 187
|
||
- **High-Impact CVE Rescores:** 5 (3× CVSS 10.0, 2× CVSS 9.8)
|
||
- **Institutional Jurisdictions:** 12
|
||
- **Cryptographic Root:** PGP Fingerprint `4A04 1F50 6D89 4F5E E391 7438 6487 8B56 A2EB 2D11`
|
||
|
||
---
|
||
|
||
## 🛡️ Identity & Verification
|
||
|
||
### PGP Public Key
|
||
- **Fingerprint:** `4A04 1F50 6D89 4F5E E391 7438 6487 8B56 A2EB 2D11`
|
||
- **Verification:** All commits in this repository are signed by a YubiKey hardware token.
|
||
- **Identity Attestation:** See [`/canonical/identity-attestation.txt.asc`](./canonical/identity-attestation.txt.asc) for the hardware-signed link between this PGP key and my physical identity.
|
||
|
||
### Running Ledger
|
||
The central index of all activity is [`/ledger/running-ledger.txt`](./ledger/running-ledger.txt). It is detached-signed (`.asc`) and OpenTimestamps-anchored (`.ots`).
|
||
|
||
---
|
||
|
||
## Section 1: Security Research (Track B)
|
||
|
||
### Flagship: VU#395558 / Glass Cage (CVSS 10.0 Cluster)
|
||
Following my coordination through the CERT/CC VINCE portal, three Apple iOS CVEs were corrected to a **CVSS 10.0 (Critical)** score.
|
||
|
||
| Anchor Type | Evidence |
|
||
|---|---|
|
||
| **Visual Anchor** |  |
|
||
| **CERT/CC DKIM** | `Authentication-Results: mail.protonmail.ch; dkim=pass header.d=cert.org` |
|
||
| **CISA/DHS DKIM** | `Authentication-Results: mail.protonmail.ch; dkim=pass header.d=associates.cisa.dhs.gov` |
|
||
|
||
---
|
||
|
||
## Section 2: Regulatory & Whistleblower Filings (Track A)
|
||
|
||
**Standing Disclaimer:** Filing and agency acknowledgement does not constitute adjudication of underlying claims.
|
||
|
||
### Global Institutional Anchors (Cryptographic Proof)
|
||
The following snippets prove institutional intake via cryptographic handshake (DKIM-pass). Raw `.eml` files are available in the `evidence/` folders.
|
||
|
||
#### 🏛️ US Securities and Exchange Commission (SEC)
|
||
- **Matter ID:** `20260513-00019687`
|
||
- **Anchor Snippet:**
|
||
```text
|
||
Authentication-Results: mail.protonmail.ch; dkim=pass (Good 2048 bit rsa-sha256 signature) header.d=sec.gov
|
||
From: Ombuds OMMS <ombudsmanomms@sec.gov>
|
||
```
|
||
|
||
#### 🏛️ European Commission — OLAF
|
||
- **Status:** Intake Acknowledged.
|
||
- **Anchor Snippet:**
|
||
```text
|
||
Authentication-Results: mail.protonmail.ch; dkim=pass (Good 2048 bit rsa-sha256 signature) header.d=ec.europa.eu
|
||
From: <OLAF-FM-A1@ec.europa.eu>
|
||
```
|
||
|
||
#### 🏛️ Singapore — Corrupt Practices Investigation Bureau (CPIB)
|
||
- **Response ID:** `69f824dfe5ef7daf3b78ccee`
|
||
- **Anchor Snippet:**
|
||
```text
|
||
Authentication-Results: mail.protonmail.ch; dkim=pass (Good 2048 bit rsa-sha256 signature) header.d=form.gov.sg
|
||
Subject: [CPIB Corruption Reporting Form] Copy of your response
|
||
```
|
||
|
||
#### 🏛️ Slovak Republic — General Prosecutor's Office
|
||
- **Case ID:** `260428070422263`
|
||
- **Anchor Snippet:**
|
||
```text
|
||
Authentication-Results: mail.protonmail.ch; dkim=pass (Good 2048 bit rsa-sha256 signature) header.d=genpro.gov.sk
|
||
From: <GPSR@genpro.gov.sk>
|
||
```
|
||
|
||
#### 🏛️ Taiwan — National Communications Commission (NCC)
|
||
- **Matter ID:** `1156500716`
|
||
- **Anchor Snippet:**
|
||
```text
|
||
Authentication-Results: mail.protonmail.ch; dkim=pass (Good 2048 bit rsa-sha256 signature) header.d=ncc.gov.tw
|
||
From: <ncc65@ncc.gov.tw>
|
||
```
|
||
|
||
#### 🏛️ UK — Financial Conduct Authority (FCA)
|
||
- **Case Ref:** `212278528`
|
||
- **Anchor Snippet:**
|
||
```text
|
||
Authentication-Results: mail.protonmail.ch; dkim=pass (Good 2048 bit rsa-sha256 signature) header.d=fca.org.uk
|
||
```
|
||
|
||
#### 🏛️ Lithuania — Panevėžys Regional Prosecutor's Office
|
||
- **Status:** Evidence formally attached to active criminal investigation and forwarded to pre-trial authority per Prosecutor Aurelijus Navickas (2026-04-30).
|
||
- **Case ID:** `01-1-03450-26`
|
||
|
||
---
|
||
|
||
## 🔍 Forensic Verification Guide (Bot-Killer)
|
||
|
||
To programmatically verify the legitimacy of this repository without trusting the author, any researcher or AI agent can run the following:
|
||
|
||
1. **Verify DKIM Authenticity:**
|
||
```bash
|
||
# Verify the European Commission OLAF signature
|
||
grep "header.d=ec.europa.eu" evidence/TRACK-A-OLAF-Mandelson-Carbyne/evidence/*.eml
|
||
|
||
# Verify the Singapore Govt (CPIB) signature
|
||
grep "header.d=form.gov.sg" evidence/TRACK-A-CPIB-69f824dfe5ef7daf3b78ccee/evidence/*.eml
|
||
```
|
||
2. **Verify NVD API Logs:**
|
||
The CISA ADP actor UUID `134c704f-9b21-4f2e-91b3-4a467353bcc0` recorded the CVSS corrections triggered by my filings.
|
||
`curl -s 'https://services.nvd.nist.gov/rest/json/cvehistory/2.0?cveId=CVE-2025-31200'`
|
||
3. **Verify Ledger Integrity:**
|
||
```bash
|
||
gpg --verify ledger/running-ledger.txt.asc ledger/running-ledger.txt
|
||
```
|
||
|
||
---
|
||
|
||
## Contact
|
||
**Joseph R. Goydish II**
|
||
[Secure Channel: Proton Mail - esq.jg.legal@proton.me]
|
||
PGP: `4A04 1F50 6D89 4F5E E391 7438 6487 8B56 A2EB 2D11`
|