[09:17] Morning
=== JonathanD is now known as JONATHAND
=== KyleYankan is now known as KYLEYANKAN
[11:23] some people are just so full of themselves..... all caps?
[11:23] bye
[12:06] Morning peoples, dogs, turkey and everything else
[13:11] morning
[13:13] Morning.
=== JONATHAND is now known as JonathanD
[15:21] morning.
[15:21] Hey ChinnoDog
[15:21] sup
[15:22] not a lot.
[15:27] i found a major bug in facebook
[15:28] What bug is that?
[15:28] it allows me to completely takeover accounts, without needing to interact with the user.
[15:28] http://grosec.wordpress.com/
[15:29] I reported it, took them 5 days to fix.
[15:29] well one day actually.
[15:29] but 5 days to respond.
[15:32] hmm. Whose account did you hack?
[15:32] I didn't, just reported PoC using a ghost account.
[15:34] There was 20k bounty on this.
[15:34] that actually seems like a pretty good response.
[15:34] So you made 20k?
[15:34] They don't reply right away because they'll want to investigate further before doing so.
[15:35] and see if there are related vulns.
[15:35] Maybe, but If you look at what they eventually did it's quite simple.
[15:35] yep ChinnoDog
[15:36] JonathanD 5 days is not bad really, I remember waiting 9 months for a response from Ms once.
[15:36] but that was certainly much more severe.
[15:37] http://grosec.wordpress.com/2013/06/28/hijacking-a-facebook-account-with-sms/
[15:37] There's the post.
[15:40] I wish I could make big bucks with arbitrary hacks
[15:42] I have a small infosec company and we do it in an organized and customized fashion.
[15:44] you make custom fashion products?
[15:44] we specialize in cyber security offensive and defensive, researching vulnerability, protection from cyber threats CNO/CNA
[15:44] MobileTurkey every tool and research is in house product.
[15:44] neat
[15:44] a lot of it is research and dev.
[15:45] We release about 15-20 binary analysis and exploits/POC's every month and that allows client to evaluate and quantify risk and protect from attacks.
[15:45] it's not available for any client obviously...
[15:46] what's your company called?
[15:59] http://www.v3.co.uk/v3-uk/news/2278194/facebook-shells-out-usd20-000-to-bug-bounty-hero-for-spotting-account-hijacking-flaw
[16:00] That does not look like you. Looks like someone beat you to it.
=== KYLEYANKAN is now known as KyleYankan
[20:31] Finally found this channel again, it's been a while
[20:31] hi ProfessorKaos64
[20:31] Heya
[20:31] I am just gonna be around for a sec, wanted to get my IRC channels setup again
[20:31] Bought me a ticket to FOSScon :)
[20:32] I'm on the east coast, which is not as cool as Cali for cons
[20:33] I am not really into cons. They seem nice in principle.
[20:34] woo fosscon
[20:43] Howdy ProfessorKaos64
[20:44] Hey JonathanD
[20:47] It's nice to at least have some ppl who are local, I missed that over the years
[20:51] JonathanD: when's pleia2 heading "back to sf" so we can have normal weather here again? :)
[20:54] It's nice that you want pleia2 to feel at home, but 3 straight days of downpours during the pm rush is a bit much
[20:56] It's been terrible here
[20:56] Painting my porch has been a physical challenge
[20:56] Mother nature playing games with me...
[20:58] Mother nature is telling you that the natural color is better.
[20:59] That woman rained on me as I walked 3/4 mile home...she LOVES me... :P
[21:03] waltman: good question :)
[21:10] ProfessorKaos64: welcome.
[21:11] You just told me that hahahaa
[21:11] 11 lines up
[21:11] :)
[21:11] But howdy again!
[21:13] I'm very welcoming.
[21:13] :P
[21:13] ha.
[21:14] I'm so lazy, I've yet to setup SSH since I installed MINT, so busy with the house and other things, as well as my blog. Someday lol
[23:48] waltman: don't blame me, it's been nice up here
[23:48] well, warm and humid, but not rainy!