The Lesser of Two Weevs - http://bit.ly/WDmQho (because you needed more commentary on it)
@zate unconfirmed, but apparently you may have to pay $99 a year to be part of the network that allows you to report bugs to AT&T
@attritionorg I agree that on the surface at most basic find vuln, get 41 months is bad... however it's not that simple.
@zate it isn't that simple, but for all the wrong reasons.
@attritionorg certainly puts bug bounty programs in strange place.. do you chance it for the money?
@attritionorg that'd be pretty stupid of AT&T and we both know there are other ways to responsibly disclose.
@zate There are, but again, I rarely do responsible disclosure these days based on my past experience. It isn't a panacea.
@attritionorg @zate almost every one of my privately reported vulns has gone unfixed like forever. Except http://Wordpress.com, they r awesome
@blaufish_ yes but don't you report, report, report, then disclose?
@zate not in my interest to make ppl angry, only bad will. Make money from commercial pentest and have bunch of corporate allegiances.
@blaufish_ fairy narf :-)
@zate yes :) fix rate is much better on pentest though, usually because somebody cares (whoever paid for test.)