Open Source and information security mailing list archives
 
Date: Wed, 2 Nov 2011 10:32:48 +1100
From: xD 0x41 <secn3t@...il.com>
To: Veeraganesh Reddy Thondapu <veeraganeshreddy@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Facebook Attach EXE Vulnerability

Sounds great thx :)

Is maybe a bit of this chatter which aids them to see how important it
is to link to the community who find 99.9% of bugs.... I am glad to
see *any* expansions within any corporation, it means they are at least
listening to those who know better maybe than they do... but they're
still guilty of trying to reproduce the bug first, to escape paying
the bounties, now, they must see that, obviously the security industry
thinks differently than they do about security perhaps... either way,
it is good if they do expand it..
Also Google should be taking more of a lead here, and self promote
more their own security, which is again not so visible when you first
go to their websites... this should be news people nowadays are really
HAPPY to hear, because they keep hearing about the CC breaches,
obviously if you start to inform them of security and do it
responsibly, public will listen and hopefully they would have to
pay out less, because people would be all too happy to report some bugs
without cashing on them... but, of course they should be tweaking
their security program, and this is good news for anyone who uses
them.
cheers.



On 2 November 2011 10:10, Veeraganesh Reddy Thondapu
<veeraganeshreddy@...il.com> wrote:
> Something about Facebook expanding their bug bounty
> program http://dlvr.it/tDK7F
>
> On Nov 1, 2011 11:42 PM, "xD 0x41" <secn3t@...il.com> wrote:
>>
>> March 8 is the 67th day of the year (68th in leap years) in the
>> Gregorian calendar. There are 298 days remaining until the end of the
>> year.
>>
>> I doubt that's what you mean but eh ;)
>>
>>
>> On 2 November 2011 02:58,  <Valdis.Kletnieks@...edu> wrote:
>> > On Tue, 01 Nov 2011 14:00:42 BST, Ferenc Kovacs said:
>> >> nice speculation, but imo it would make them look more bad, if they turn
>> >> down the reports, because it will come back to them (either via the
>> >> publication like in this case, or just simply someone exploiting it).
>> >
>> > So exactly how big a hit did Sony's stock price take from the PSN
>> > pwnage?
>> >
>> >
>> > https://www.google.com/finance?chdnp=1&chdd=1&chds=1&chdv=1&chvs=maximized&chdeh=0&chfdeh=0&chdet=1320177600000&chddm=98923&chls=IntervalBasedLine&q=NYSE:SNE&ntsp=0&fct=big
>> >
>> > Look for the big dip in April when they got hacked.  Notice there *is* no big
>> > dip in April/May - just the same continual slide that started all the way back
>> > at the end of February. (For bonus points, figure out what happened the week of
>> > March 8-15).
>> >
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >
>>
>
