Re: Facebook Attach EXE Vulnerability

[xD 0x41 <secn3t () gmail com>]

Sounds great thx :)

Is maybe abit of this chatter wich aids them to see how important it
is to link to the community who find 99.9% of bugs.... i am glad to
see *any* expansions within any corporation, it means they are atleast
listening to those who know better maybe than they do... but theyre
still guilty of trying to reproduce the bug first, to escape paying
the bountys, now, they must see that, obviously the security industry
thinks differently than they do about security perhaps... either way,
it is good if they do expand it..
Also google should be taking more of a lead here, and self promote
more theyre own security, wich is again not so visible when you first
goto theyre websites... this should be news people nowdays are really
HAPPY to hear, because theykeep hearing about the CC breaches,
obviously if you start to inform them of security and do it
responsibly, public will listen and hopefully they would have to
payout less, because people would be all to happy to report some bugs
without cashing on them... but, ofcourse they should be tweaking
theyre security program, and this is good news for anyone who uses
them.
cheers.



On 2 November 2011 10:10, Veeraganesh Reddy Thondapu
<veeraganeshreddy () gmail com> wrote:
> Something about facebook expanding there bug bounty
> program http://dlvr.it/tDK7F
>
> On Nov 1, 2011 11:42 PM, "xD 0x41" <secn3t () gmail com> wrote:
> > March 8 is the 67th day of the year (68th in leap years) in the
> > Gregorian calendar. There are 298 days remaining until the end of the
> > year.
> >
> > I doubt thats what you mean but eh ;)
> >
> >
> > On 2 November 2011 02:58,  <Valdis.Kletnieks () vt edu> wrote:
> > > On Tue, 01 Nov 2011 14:00:42 BST, Ferenc Kovacs said:
> > > > nice speculation, but imo it would make them look more bad, if they
> > > > turn
> > > > down the reports, because it will come back to them (either via the
> > > > publication like in this case, or just simply someone exploiting it).
> > >
> > > So exactly how big a hit did Sony's stock price take from the PSN
> > > pwnage?
> > >
> > >
> > > https://www.google.com/finance?chdnp=1&chdd=1&chds=1&chdv=1&chvs=maximized&chdeh=0&chfdeh=0&chdet=1320177600000&chddm=98923&chls=IntervalBasedLine&q=NYSE:SNE&ntsp=0&fct=big
> > >
> > > Look for the big dip in April when they got hacked.  Notice there *is*
> > > no big
> > > dip in April/May - just the same continual slide that started all the
> > > way back
> > > at the end of February. (For bonus points, figure out what happened the
> > > week of
> > > March 8-15).
> > >
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://secunia.com/
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/