Eduardo Vela

@sirdarckcat

😻vulnerabilities,🤩web security research,💼leading Google's product security response team. I'm not mad. I'm mentally divergent. (personal account)

Joined: January 2008

Tweets


  1. 5 hours ago
  2. Retweeted
    Jan 28
  3. Retweeted
    Jan 28

    I always had a hard time finding writeups because they were all over the place in different blog posts, so I made this. If you know of something that is not in there, you are more than welcome to contribute! 🎉

  4. Retweeted
    Jan 13

    We are thrilled to introduce our Review Committee member . Thank you Eduardo Vela for taking the time out from your busy schedule and to be part of our review committee.

  5. Jan 10

    Quick survey, how many of you would like this? It could even work both ways, so we could also use it to select Grants recipients.

  6. Jan 8
  7. Jan 7

    But maybe there's some value that it provides to you all?

  8. Jan 7

    Internally we actually don't look at that information. Our top bug hunters, beginners and first time bug hunters look exactly the same in our tools (on purpose! we don't want to bias ourselves against good first time reporters).

  9. Jan 7

    Context is, our current hall of fame allows users to show some statistics, but few users enabled it. What is the value you see in it?

  10. Jan 7

    Dear Bug Hunters: do you guys like to have a public "signal" or "reputation" number associated to your identity? Do you find value in it yourselves?

  11. Retweeted
    Jan 7

    At Google Project Zero, the team spends a *lot* of time discussing and evaluating vulnerability disclosure policies and their consequences. It's a complex and controversial topic! Here's P0's policy changes for 2020 (with our rationale for the changes):

  12. Retweeted
    Jan 1

    Just so it doesn't get buried in a thread, I made a new slack for CTF organizers. DM me (or ping me any other way you can find) for the invite link, only requirement is you must have run a CTF somewhere before. May open up wider later, but want high SNR.

  13. Jan 1

    Tempted to make a public version of the training I did for my team about security@-response 😛. Not sure where I would present it, though.. It's more process/management focused more than technical. Any suggestions?

  14. Retweeted
    Dec 30, 2019
    Replying to

    Oh, that isn’t good at all. Preventing people submitting bug reports flies in the face of what these bounty programs are meant to offer researchers. :-/

  15. Jan 1

    Let's make 2020 the decade without bans!

  16. Retweeted
    Dec 29, 2019

    Drop the mic! No! Drop your connection! 🙃 A small blog, yes blog and not Vlog🤦‍♂️about XSS in Google. //cc:

  17. Dec 29, 2019

    2020 - Pay 6,000,613 USD in rewards - Celebrate 10 year anniversary - Meet more Bug Hunters!

  18. Dec 23, 2019

    Please share any feedback 🙏. I know the doc is super long, I'm sorry. I'll try to make it a better format. /end

  19. Dec 23, 2019

    The document also mentions other considerations regarding decisions teams have to make on the fly, and similar (scoring, challenge reuse, 0days, etc).

  20. Dec 23, 2019

    I hope this can help us avoid building accidentally guessy tasks, and maybe if the tasks suck, that will be because they are boring, but at least they won't be guessy.
