Ah-ha, I had an epiphany in the shower this morning and realized how to get codeexec in LastPass 4.1.43. Full report and exploit on the way.pic.twitter.com/vQn20D9VCy
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
If stating that *fact* causes you to suffer FUD, then you need to reevaluate your expectations. That's your problem, not ethics.
Keep up the good work Tavis. Your influence on the projects against which you report bugs is undeniably positive.
No, not Linux, I think Linus Torvalds fixed the last security bug last night.
That? Totally not security related, nope. No need to inform anyone, just a little patch. Pay no attention to the added buffer length check.
Whilst I agree with Travis, for those who don't understand the process (my users) it is causing some massive grief.
I understand the importance and ramifications of your work, they don't. Please keep up your work.
uhm.. what is it that last pass claims to be for? "unethical" would be to not disclose it, especially with a proclamation like lastpass. lol
good job!
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.