Thanks. For future reference, I've been working on disclosure and vulnerability research professionally my entire adult life.
-
-
-
It's unlikely you need to explain how disclosure works to me, I'm pretty good at it and few people are more experienced with it.
- 7 more replies
New conversation -
-
-
All software has bugs. There's a bug in Windows, Linux, macOS, Chrome, Firefox, everything.
-
If stating that *fact* causes you to suffer FUD, then you need to reevaluate your expectations. That's your problem, not ethics.
- 1 more reply
New conversation -
-
-
OK, exploit working and full report sent to LastPass. Now time to put some pants on.

-
so is this a new exploit or an evolution of the one widely reported earlier this week? If the latter: want to talk to a reporter?
- 2 more replies
New conversation -
-
-
My name is Tavis, and this is not disclosure. It's a tweet.
-
They're good vulns, stilts.
End of conversation
New conversation -
-
-
... without a fix bring unnecessary focus and could actually negatively impact users of that product if someone can replicate your exploit.
-
I think I'm familiar with how vulnerability research works. Just saying "LastPass has a bug" doesn't help.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.