Profile_bird

Hey there! chriseng is using Twitter.

Twitter is a free service that lets you keep in touch with people through the exchange of quick, frequent answers to one simple question: What's happening? Join today to start receiving chriseng's tweets.

Already using Twitter
from your phone? Click here.

chriseng

  1. @jeremiahg @WeldPond That was the point. I'm not saying "fix b/c it's exploitable," I'm saying "fix just in case it's exploitable." 9:37 AM Nov 21st from UberTwitter in reply to jeremiahg
  2. (Veracoders named Chris)++ 3:02 PM Nov 20th from TweetDeck
  3. Oh lovely, porn spam via Twitter @ replies. 9:03 AM Nov 20th from TweetDeck
  4. @dinodaizovi I agree crash bugs are not nearly as black and white as that. 9:01 AM Nov 20th from TweetDeck in reply to dinodaizovi
  5. @dinodaizovi ...flaw than take 5 minutes to replace their stupid ad-hoc query with a prepared statement. 8:59 AM Nov 20th from TweetDeck in reply to dinodaizovi
  6. @dinodaizovi In the static analysis world, I often run into situations where someone would rather argue for an hour about a SQL injection... 8:59 AM Nov 20th from TweetDeck in reply to dinodaizovi
  7. @dinodaizovi Versus spending time arguing about it, THEN developing repros, finding cause, ranking, and fixing? 8:51 AM Nov 20th from TweetDeck in reply to dinodaizovi
  8. @arj @dinodaizovi Yes, design bugs should be considered separately. Most security vulnerabilites are implementation bugs though. 8:42 AM Nov 20th from TweetDeck in reply to arj
  9. @dinodaizovi There will come a time when software developers realize it takes less time to patch the bug than argue about exploitability. 8:37 AM Nov 20th from TweetDeck in reply to dinodaizovi
  10. Seriously? Apache, by default, will treat a file ending in .php.jpg as an executable .php file? That is retarded. http://is.gd/4Z1EY 11:46 AM Nov 19th from TweetDeck
  11. @Nanette So far, red is in the lead with 100% of the poll responses. :P 11:05 AM Nov 19th from TweetDeck in reply to Nanette
  12. Unscientific poll: Which Java/CIL obfuscators do you use or encounter most in real-world applications? 10:47 AM Nov 19th from TweetDeck
  13. @ikonoklasm it looks great, nice job! 9:38 AM Nov 19th from UberTwitter in reply to ikonoklasm
  14. Fedora 12 fail... "Local users get to play root?" Email thread: http://is.gd/4YQrD ; Bug report: http://is.gd/4YQsp (SIGH) 7:35 AM Nov 19th from TweetDeck
  15. RT @quine: I guess I didn't realize that penetration testing was an immature, reckless juvenile delinquent. So glad it's "growing up". > +1 7:27 AM Nov 19th from TweetDeck
  16. @adamjodonnell congrats! 10:24 AM Nov 18th from UberTwitter in reply to adamjodonnell
  17. RT @jeremiahg: ONS, Brazil's nat. power grid operator, website vuln to SQLi - "How To Hack A Brazilian Power Company" http://bit.ly/1hA5oN 9:15 AM Nov 18th from TweetDeck
  18. @kealan10 ok, how in the world do you keep winning all these contests?! 9:13 AM Nov 18th from TweetDeck in reply to kealan10
  19. @ryanaraine oh, I thought you were referring to @shazzzam's comment :) 5:28 PM Nov 17th from UberTwitter in reply to ryanaraine
  20. @ryanaraine Are you saying you find it useful? To me it is slow IRC plus pictures. How often do I really need to embed a poll or a map? 4:39 PM Nov 17th from TweetDeck in reply to ryanaraine
  • Name Chris Eng
  • Location Boston, MA
  • Bio Information security guy, proud father, Cal sports fan, carnivore
148 Following 617 Followers 23 Listed
Dinis Cruz Jabra Rafal Los Tom Eston Marcin OWASP O2 Platform Sophia Preston Brad Spengler Ollie Rob Brydon Natalie Coughlin SecBarbie sp petersilberman Justin Charlie Miller Leigh Honeywell vf Sandy Barbour Security Rater thedarktangent Stefan Esser Aaron Portnoy Pwnie Awards Tweeteev Jeff Tedford SOURCEBarcelona Bonerama Nikita Kronenberg Skyfire jqueryui Ethan Suplee Cross Site Roderick Branch Kevin Mitnick Jonathan Ness