Profile_bird

Hey there! alexsotirov is using Twitter.

Twitter is a free service that lets you keep in touch with people through the exchange of quick, frequent answers to one simple question: What are you doing? Join today to start receiving alexsotirov's updates.

Already using Twitter
from your phone? Click here.

alexsotirov

  1. The WOOT '09 program is up at http://bit.ly/yUnH0. We have nine very good papers this year. Register to attend by Aug 3rd!about 4 hours ago from web
  2. Three days left before the Pwnie Awards nominations close! Submit them at http://pwnie-awards.org/ (via @PwnieAwards)about 10 hours ago from Tweetie
  3. Windows 7 has ugly icons. Is it that hard to steal the Apple look? Come on, you've done it before.about 16 hours ago from web
  4. @attritionorg No more free bugs!11:06 AM Jul 11th from web in reply to attritionorg
  5. @vigeek What's an Argentinian octopus?11:01 AM Jul 11th from web in reply to vigeek
  6. I think that today I finally surpassed my record for longest time spent on a single exploit. It's been over a month, but I'm almost done!11:55 PM Jul 10th from web
  7. @codypierce App compat testing can't take longer than the release cycle of the 3rd party apps you're testing against. 12 months is too long.8:14 PM Jul 9th from web in reply to codypierce
  8. But I'm also glad that I'm not on the side that has to care about that any more :-)6:08 PM Jul 9th from web
  9. I'm pretty sure that even the most extensive compatibility tests can be run in under 12 months http://bit.ly/U9DIr (MS talks about msvidctl)6:08 PM Jul 9th from web
  10. "Why doesn't he just buy another bicycle?" http://blogs.msdn.com/oldne...1:43 PM Jul 9th from web
  11. @lsetzer Based on my experience, CVEs are usually assigned when the bug is confirmed by Microsoft, although there could be exceptions.12:26 PM Jul 9th from web
  12. @lseltzer You're right, I misread the year. The CVE is CVE-2008-0015, which means it was most likely assigned around January of 2008.12:24 PM Jul 9th from web in reply to lseltzer
  13. @jness Independent rediscoveries of bugs happens all the time, but conspiracy theories are more fun :-)12:16 PM Jul 9th from web
  14. RT @jness the msvidctl.dll bug details did not go out to MAPP partners until the advisory was released on monday12:13 PM Jul 9th from web
  15. It could be a coincidence of course, but it reminds me of the ANI bug that also appeared in the wild two weeks before the scheduled patch.11:43 AM Jul 9th from web
  16. Did the msvidctl bug leak through the MAPP program? It was reported 6 months ago and it looks like the patch for it was scheduled for July.11:40 AM Jul 9th from web
  17. OH: yeah, we can get a tiger8:32 PM Jul 4th from Tweetie
  18. @kmx2600 What is the right model?4:57 PM Jul 3rd from web in reply to kmx2600
  19. RT @dinodaizovi Mark Dowd has to cut himself while auditing to still feel something3:44 PM Jul 3rd from Tweetie
  20. Apple fanboy comments on Charlie's iPhone SMS remote root: "This "vulnerability" does nothing of any real consequence" http://bit.ly/10A2156:07 PM Jul 2nd from web
  • Name Alexander Sotirov
  • Location New York, NY
  • Web http://www.phreed...
  • Bio The term "security researcher" makes hacking sound respectable, but it's still the same thing.
65 Following 1,076 Followers
Stephen A. Ridley furrygirl Mike Zusman t bot Pavel Tcholakov Dan Guido Hernan Ochoa thedarktangent Michael Howard Maggie Hammond Max Caceres LeviathanSec DennisF Ben Hawkes kuza55 Stefan Esser Elenko Bruce Leidl Juliano Rizzo antic0de dragosr secwest Jane Robinson shadown Metasploit Project Nico Waisman FX of Phenoelit Carolyn Emigh Alexander Boytchev Aaron Portnoy sebastian muniz Ryan Permeh Faster pusscat! Exploit Sweatshop Alex Stamos NYSec