Jay Freeman (saurik)Verified account

I'd missed the confirmation of this on Thursday, but @bobanetwork had decided to additionally extend to me their (maximum) $100k bug bounty payout, making the total reward for my Ethereum L2 bug--"Unbridled Optimism"--$2,100,042! (...I think this might actually set a new record?)https://twitter.com/bobanetwork/status/1491989915336388618 …

Amazingly, the bugs continue: after I gave up and went to sleep, the two transfers I then had "PENDING" were both "CANCELLED" at the same time with the reason "The transaction fee has expired."... but these failed transfers are still counting against my daily withdrawal limit :/.

(Before I decided to tweet, one of my transactions ended up failing after *10 hours*, with an extremely low-level looking e-mail that had the error message "Pro/Prime send money failed!". https://www.google.com/search?q=%22pro%2Fprime+send+money+failed%22 … Attempting to retry the transaction put it in the same state again.)

FWIW, this apparently has happened to many other users on the @coinbase subreddit and most of them report the same SNAFU of your customer support providing incorrect responses in a loop, so this seems to be a systemic issue. https://www.google.com/search?q=site%3Areddit.com+coinbase+withdrawal+stuck+pending … Maybe a postmortem is in order?

Does anyone else find it strange that both Apple and Google not only allow but in fact require privacy policies for apps to be hosted on external websites, meaning that to view an app's privacy policy you must connect to their server and already subject yourself to their logging?

For more detail, I'll highly recommend reading our complaint: "This lawsuit seeks to open the markets for iOS app distribution and iOS app payment processing to those who wish to compete fairly with Apple, and to recover the enormous damages Apple caused." https://cache.saurik.com/lawsuit/complaint.pdf …

Regardless, in early September of 2020, I was able to get Facebook to reinstate the Cydia app... though they made it sound tenuous enough that I waited until now--when I'm finally feeling confident-ish--to reactivate the button, in case anyone still has reason to log in to Cydia.

In June of 2019, Facebook suspended my Cydia app, removing its access to Facebook login and locking users out of their Cydia accounts, which required a slow (on both sides: Facebook and I each were taking months to respond to the other ;P) back and forth of interrogations to fix.

So yeah: I don't know if anyone else will agree with me that security events should not allow companies using USC Section 1201--or similar laws around the world: the US got this included in a WIPO treaty--to speak at their events, but if so: poke a conference organizer for me? ;P

Companies which wish to speak at security events should be required to sign a non-action pledge on USC Section 1201--which isn't even about infringement: it is a potentially-unconstitutional law about "circumventing" controls and "trafficking" in tools--in order to submit a talk.