[09:17] <rmg51> Morning
[11:23] <rmg51> some people are just so full of themselves..... all caps?
[11:23] <rmg51> bye
[12:06] <teddy-dbear> Morning peoples, dogs, turkey and everything else
[13:11] <InHisName> morning
[13:13] <JONATHAND> Morning.
[15:21] <ChinnoDog> morning.
[15:21] <JonathanD> Hey ChinnoDog
[15:21] <ChinnoDog> sup
[15:22] <JonathanD> not a lot.
[15:27] <hackfu-> i found a major bug in facebook
[15:28] <ChinnoDog> What bug is that?
[15:28] <hackfu-> it allows me to completely takeover accounts, without needing to interact with the user.
[15:28] <hackfu-> http://grosec.wordpress.com/
[15:29] <hackfu-> I reported it, took them 5 days to fix.
[15:29] <hackfu-> well one day actually.
[15:29] <hackfu-> but 5 days to response.
[15:32] <ChinnoDog> hmm. Whose account did you hack?
[15:32] <hackfu-> I didnt, just reported PoC using a ghost account.
[15:34] <hackfu-> There was 20k bounty on this.
[15:34] <JonathanD> that actually seems like a pretty good response.
[15:34] <ChinnoDog> So you made 20k?
[15:34] <JonathanD> They don't reply right away because they'll want to investigate further before doing so.
[15:35] <JonathanD> and see if there are related vulns.
[15:35] <hackfu-> Maybe, but If you look at what they eventually did its quite simple.
[15:35] <hackfu-> yep ChinnoDog
[15:36] <hackfu-> JonathanD 5 days is not bad really, I remember wiating 9 months for a response from Ms once.
[15:36] <hackfu-> but that was certainly much more severe.
[15:37] <hackfu-> http://grosec.wordpress.com/2013/06/28/hijacking-a-facebook-account-with-sms/
[15:37] <hackfu-> Theres the post.
[15:40] <ChinnoDog> I wish I could make big bucks with arbitrary hacks
[15:42] <hackfu-> I have a small infosec company and we do it in an organized and customized fashion.
[15:44] <MobileTurkey> you make custom fashion products?
[15:44] <hackfu-> we specialize in cyber security offensive and defensive, researching vulnerability, protection from cyber threats CNO/CNA
[15:44] <hackfu-> MobileTurkey every tool and research is in house product.
[15:44] <ChinnoDog> neat
[15:44] <hackfu-> a lot of it is research and dev.
[15:45] <hackfu-> We release about 15-20 binary analysis and exploits/POC's every month and that allows client to evalues and quantify risk and protect from attacks.
[15:45] <hackfu-> its not available for any client obviously...
[15:46] <MobileTurkey> what's your company called?
[15:59] <ChinnoDog> http://www.v3.co.uk/v3-uk/news/2278194/facebook-shells-out-usd20-000-to-bug-bounty-hero-for-spotting-account-hijacking-flaw
[16:00] <ChinnoDog> That does not look like you. Looks like someone beat you to it.
[20:31] <ProfessorKaos64> Finally found this channe again , its been a while
[20:31] <ChinnoDog> hi ProfessorKaos64
[20:31] <ProfessorKaos64> Heya
[20:31] <ProfessorKaos64> I am just gonna be around for a sec, wanted to get my IRC channels setup again
[20:31] <ProfessorKaos64> Bought me a ticket to FOSScon :)
[20:32] <ProfessorKaos64> Im on the east coast, which is not as cool as Cali for cons
[20:33] <ChinnoDog> I am not really into cons. They seem nice in principle.
[20:34] <pleia2> woo fosscon
[20:43] <JonathanD> Howdy ProfessorKaos64
[20:44] <ProfessorKaos64> Hey JonathanD
[20:47] <ProfessorKaos64> It's nice to at least have some ppl are are local, I missed that over the years
[20:51] <waltman> JonathanD: when's pleia2 heading "back to sf" so we can have normal weather here again? :)
[20:54] <waltman> It's nice that you want pleia2 to feel at home, but 3 straight days of downpours during the pm rush is a bit much
[20:56] <ProfessorKaos64> Its been terrible here
[20:56] <ProfessorKaos64> Painting my porch has been a physical challenge
[20:56] <ProfessorKaos64> Mother nature playing games with me...
[20:58] <ChinnoDog> Mother nature is telling you that the natural color is better.
[20:59] <ProfessorKaos64> That woman rained on me as I walked 3/4 mile home...she LOVES me... :P
[21:03] <JonathanD> waltman: good question :)
[21:10] <JonathanD> ProfessorKaos64: welcome.
[21:11] <ProfessorKaos64> You just told me that hahahaa
[21:11] <ProfessorKaos64> 11 lines up
[21:11] <ProfessorKaos64> :)
[21:11] <ProfessorKaos64> But howdy again!
[21:13] <JonathanD> I'm very welcoming.
[21:13] <JonathanD> :P
[21:13] <ProfessorKaos64> ha.
[21:14] <ProfessorKaos64> Im so lazy, ive yet to setup SSH yet since I installed MINT, so busy with the house and other things, as well as my blog.  Someday lol
[23:48] <pleia2> waltman: don't blame me, it's been nice up here
[23:48] <pleia2> well, warm and humid, but not rainy!