tag:blogger.com,1999:blog-4838136820032157985.post6520183733606671057..comments2024-03-28T00:10:44.027-07:00Comments on Project Zero: Announcing Project ZeroUnknownnoreply@blogger.comBlogger29125tag:blogger.com,1999:blog-4838136820032157985.post-87625598151669998112015-03-01T02:43:27.842-08:002015-03-01T02:43:27.842-08:00Over the last 30 years or so, I've reported ar...Over the last 30 years or so, I've reported around 100, probably way more, serious bugs.<br />In the VAST majority of cases, from my considerable experience, the bugs never get fixed. There is usually some idiot in the way who's job is to waste my time telling me "it's not a bug", or some other idiot telling me to report it to someone else in his org, because he can't fix it, and sometimes even worse (netscape lawyers sent me a legal threat when I submitted 100 different bugs to their "report a bug, get a T-Shirt competition" - and to rub salt into that wound, I reported a summary, not the details, and they never asked for the details).<br /><br />You cannot hope to fix things that people don't want to fix or don't care about, by doing the same thing, again, that everyone else is already doing.<br /><br />You need a new way - some kind of blazing in-your-face public way to let us know who you are chasing about a bug, and give us all a big ticking-down clock until the moment (give them 60 days) you shame the crap out of them for doing nothing, and make the bug public.yawnhttps://www.blogger.com/profile/12862804413501633609noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-26434654485876993432015-01-17T06:41:24.728-08:002015-01-17T06:41:24.728-08:00you are a hacker ?
you will find a way...you are a hacker ?<br />you will find a way...Anonymoushttps://www.blogger.com/profile/01003221435933010432noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-79962177384316091412014-08-04T23:19:50.358-07:002014-08-04T23:19:50.358-07:00Yes, I will.And you too!Yes, I will.And you too!Anonymoushttps://www.blogger.com/profile/06958557277045710462noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-90605425164612303732014-07-20T10:05:20.182-07:002014-07-20T10:05:20.182-07:00have a Twitter handle?have a Twitter handle?Anonymoushttps://www.blogger.com/profile/18308095557153535046noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-81027286776438645762014-07-19T07:47:00.271-07:002014-07-19T07:47:00.271-07:00Need a Canadian security researcher with 20+ years...Need a Canadian security researcher with 20+ years of DevOps and a SSCP certification...count me in. Unknownhttps://www.blogger.com/profile/12416350542390977071noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-77974278185625531452014-07-19T03:52:46.164-07:002014-07-19T03:52:46.164-07:00This comment has been removed by the author.Anonymoushttps://www.blogger.com/profile/11371808821897580781noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-3593643855247343652014-07-19T00:39:29.992-07:002014-07-19T00:39:29.992-07:00Not with that attitude.Not with that attitude.yahya1337https://www.blogger.com/profile/06820185536878304449noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-68029969868969054772014-07-18T11:41:43.632-07:002014-07-18T11:41:43.632-07:00I'm in too...I'm in too...Anonymoushttps://www.blogger.com/profile/12640279376561562278noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-56334134029116334822014-07-17T20:11:07.078-07:002014-07-17T20:11:07.078-07:00www.100security.com.brwww.100security.com.brAnonymoushttps://www.blogger.com/profile/14843239363478496377noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-13747907032552865982014-07-17T10:16:45.185-07:002014-07-17T10:16:45.185-07:00I always desired to learn about Internet Security....I always desired to learn about Internet Security. <br />Somebody could help me given advice? <br />How to begin study in this field?Anonymoushttps://www.blogger.com/profile/09733621455740340169noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-61788808289753159112014-07-17T07:45:16.587-07:002014-07-17T07:45:16.587-07:00All for safety, you are with actions that large co...All for safety, you are with actions that large companies should always keep in mind for the good of its members.Anonymoushttps://www.blogger.com/profile/00883269267883978314noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-66512938057237336962014-07-17T02:40:21.189-07:002014-07-17T02:40:21.189-07:00http://www.linuxfoundation.org/programs/core-infra...http://www.linuxfoundation.org/programs/core-infrastructure-initiativeAnonymoushttps://www.blogger.com/profile/02488287033484002088noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-24230530245410817002014-07-17T00:59:29.172-07:002014-07-17T00:59:29.172-07:00"We're hiring"
Could you tell how t..."We're hiring"<br /><br />Could you tell how to apply?Anonymoushttps://www.blogger.com/profile/00854237494416341094noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-617998002279667422014-07-16T12:51:49.021-07:002014-07-16T12:51:49.021-07:00VCC technology is available
See victorsheymov.com
...VCC technology is available<br />See victorsheymov.com<br />Victor Sheymov Wikipedia<br />CYBERSPACE AND SECURITY in Amazon.comAnonymoushttps://www.blogger.com/profile/09724466911096404169noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-14168642133952972992014-07-16T05:31:01.659-07:002014-07-16T05:31:01.659-07:00And? Any email or online form for CVs?And? Any email or online form for CVs?Dima Kovalenkohttps://www.blogger.com/profile/08203695222467761384noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-20394018246753101632014-07-16T05:00:01.519-07:002014-07-16T05:00:01.519-07:00This comment has been removed by the author.Employee benefitshttps://www.blogger.com/profile/08011634719972938583noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-58655080408384055072014-07-16T04:59:30.032-07:002014-07-16T04:59:30.032-07:00Lairn sam engrish firstLairn sam engrish firstEmployee benefitshttps://www.blogger.com/profile/08011634719972938583noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-62078651706939709152014-07-16T01:22:04.604-07:002014-07-16T01:22:04.604-07:00Hello, Mr. Google! I have a development that will ...Hello, Mr. Google! I have a development that will eliminate all of the servers, Laptop and other mobile gadgets from any hackers. If you do not believe me, we can discuss. If you do, then before the meeting. With best regards, Aleksandr Solodilov (Linkedin)Anonymoushttps://www.blogger.com/profile/03082793116575899184noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-57650737506838779062014-07-15T20:58:58.790-07:002014-07-15T20:58:58.790-07:00l am interesting this job.l am interesting this job.Anonymoushttps://www.blogger.com/profile/06958557277045710462noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-15388217497490393382014-07-15T20:06:15.418-07:002014-07-15T20:06:15.418-07:00I'm in :)I'm in :)Donglehttps://www.blogger.com/profile/09011563891596881337noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-88045207861520725582014-07-15T16:05:32.437-07:002014-07-15T16:05:32.437-07:00Good job picking GH, I like his work, and glad he ...Good job picking GH, I like his work, and glad he is a Blue/white Hat. I remember back in the day when i submitted Map issues and would get back emails denying the issue existed, and it was patched in < 4 hours. Times have changed, and I for one am glad. I wish Google had more security/infrastructure positions in the Southern CA, but I digress. I agree with Austin, would be interesting hearing what will be found.Anonymoushttps://www.blogger.com/profile/04735181514186297069noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-86950901417263264732014-07-15T15:17:55.753-07:002014-07-15T15:17:55.753-07:00how does one apply for the position?
I'm curr...how does one apply for the position?<br /><br />I'm currently trying to fix all of the websites which have their .git/.svn/.hg/.bzr repo available (which could lead to leaked sources, hence a lot of 0days, leaked databases, API credentials, etc). I have fixed about 1500 websites so far but there are lots more.<br />I've also notified hundreds of websites about 0days I've found in different third-party libraries.<br /><br />I'm doing this because I'm trying to make internet safer.Anonymoushttps://www.blogger.com/profile/18002641671071734751noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-29555264710689506832014-07-15T14:35:21.460-07:002014-07-15T14:35:21.460-07:00To be a fly on that wall!To be a fly on that wall!Austin Lance Butlerhttps://www.blogger.com/profile/07547720574409688377noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-13502098366583049622014-07-15T11:22:47.612-07:002014-07-15T11:22:47.612-07:00Where does one apply? I searched for project zero ...Where does one apply? I searched for project zero on the Google careers page, but did not notice any relevant hits. I have over 20 years of experience in programming, the last six of which were in automated testing of life-critical engineering calculations.willdyehttps://www.blogger.com/profile/07070171510604272660noreply@blogger.comtag:blogger.com,1999:blog-4838136820032157985.post-57646201357307736662014-07-15T11:21:21.566-07:002014-07-15T11:21:21.566-07:00This comment has been removed by the author.willdyehttps://www.blogger.com/profile/07070171510604272660noreply@blogger.com