Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »

jcran › Comments

jcran
724Hookah (3/5) - http://www.yelp.com/biz...
Map
"Good atmosphere for a chill group. The house blend hookah was delicious and hit really really well. Like most things in the Tenderloin, it's a bit gritty once you get inside. Non-descript on the…" - jcran
jcran
Re: The deterioration of unmanaged bug bounties - http://shubh.am/the-det...
"Hey Subham, @jcran from Bugcrowd here. Thanks for the post, and facilitating the discussion. Your post echoes a lot of the guidance we give to bounty providers. - Proactively communicate, add items to the brief that you won't pay out. - Default to verbosity, explain why you chose a particular outcome on each submission. - Be responsive, the sooner you let the tester know the outcome, the more likely they are to come back. - Think from the submitter’s point of view, they have limited information about the inner workings of the organization. - Use the golden rule: If you make a code or configuration change, reward the submitter. * Bugcrowd's Standard Disclosure Terms: https://blog.bugcrowd.com/stan... * How to determine if a submission should be rewarded: https://blog.bugcrowd.com/when... It's important to have qualified, level-headed resources responding to submissions. Some researchers and bounty providers have good intentions, but don't always have the background or information..." - jcran
jcran
Re: HackerOne Secures $9 Million, Appoints Katie Moussouris as Chief Policy Officer - http://www.securityweek.com/hackero...
"Just a note that if you're interested in this sort of thing, you check out the comprehensive bug bounty list (https://bugcrowd.com/list-of-b... as well as sign up as a researcher @ bugcrowd!" - jcran
jcran
Re: Here's how to hacker-proof your app in 5 steps | VentureBeat | Dev | by Rick Spickelmier, Birst - http://venturebeat.com/2014...
"Another idea. Start a disclosure pogram, or ideally, bug bounty. This will force your developers to write better code, because it costs you money every time a security bug slips through." - jcran
jcran
Re: Open Letter to Internet Users and Businesses: Help Us Test OpenSSL and Make the Internet Safer - https://blog.bugcrowd.com/open-le...
"@Dollarampersand - Great question! We salute Neel's donation, and realize that the Internet bug bounty exists, but the donation itself provides evidence that the IBB is just too small to incentivize deep and qualified research. We're not seeing evidence that researchers are working on this full-time (or even part-time without the support of an organization). The IBB is also sponsored by an exclusive group of organizations and we believe anyone should have the ability to contribute to the safety of the internet. By crowdfunding a bounty on OpenSSL, we're aiming to provide reward amounts large enough to pay for qualified researchers' skills, and improve the assurance of OpenSSL more quickly." - jcran
jcran
Re: Open Letter to Internet Users and Businesses: Help Us Test OpenSSL and Make the Internet Safer - http://blog.bugcrowd.com/open-le...
"@Dollarampersand - Great question! We salute Neel's donation, and realize that the Internet bug bounty exists, but the donation itself provides evidence that the IBB is just too small to incentivize deep and qualified research. We're not seeing evidence that researchers are working on this full-time (or even part-time without the support of an organization). The IBB is also sponsored by an exclusive group of organizations and we believe anyone should have the ability to contribute to the safety of the internet. By crowdfunding a bounty on OpenSSL, we're aiming to provide reward amounts large enough to pay for qualified researchers' skills, and improve the assurance of OpenSSL more quickly." - jcran
jcran
Re: Concise Courses - Advanced Persistent Pentesting: Fighting Fire with Fire - http://www.concise-courses.com/infosec...
"Slides available at: http://www.slideshare.net/jcra..." - jcran
jcran
"I will definitely attend this." - jcran
jcran
Scala: The Static Language that Feels Dynamic - http://www.artima.com/weblogs...
d I waited this long before beginning to learn the language, because they've sorted out a lot of issues in the meantime. In fact, several versions of the language have made breaking changes with previous versions, requiring code rewrites. Some people have found this shocking - jcran
jcran
Scala: The Static Language that Feels Dynamic - http://www.artima.com/weblogs...
d I waited this long before beginning to learn the language, because they've sorted out a lot of issues in the meantime. In fact, several versions of the language have made breaking changes with previous versions, requiring code rewrites. Some people have found this shocking - jcran
jcran
Scala: The Static Language that Feels Dynamic - http://www.artima.com/weblogs...
d I waited this long before beginning to learn the language, because they've sorted out a lot of issues in the meantime. In fact, several versions of the language have made breaking changes with previous versions, requiring code rewrites. Some people have found this shocking - jcran
jcran
B & B Body and Paint Lp (5/5) - http://www.yelp.com/biz...
Map
"Wow. B is a business focused on customer service that happens to be really good at fixing cars. I was blown away by the responsiveness and the effort they put into keeping me in the loop when a curb…" - jcran
jcran
"nice post. found it via sanitybit/netsec - you may want to take a look at this module: http://www.metasploit.com/modu..." - jcran
jcran
"nice post. found it via sanitybit/netsec - you may want to take a look at this module: http://www.metasploit.com/modu..." - jcran
jcran
Dynamips / Dynagen Tutorial - http://dynagen.org/tutoria...
GNS-3 (a graphical network simulator that uses Dynagen’s libraries): http://www.gns3.net/ - jcran
jcran
Dynamips / Dynagen Tutorial - http://dynagen.org/tutoria...
GNS-3 (a graphical network simulator that uses Dynagen’s libraries): http://www.gns3.net/ - jcran
jcran
Dynamips / Dynagen Tutorial - http://dynagen.org/tutoria...
GNS-3 (a graphical network simulator that uses Dynagen’s libraries): http://www.gns3.net/ - jcran
jcran
SproutCore - Get Started - http://www.sproutcore.com/get-sta...
sproutcore, check it out - jcran
jcran
Logic Approach 512-441-4441 Computer Sales and Service, Used and Refurbished, IT Networking and Consulting, CLEAR Wireless - http://www.logicapproach.com/
113 INDUSTRIAL BLVD. at S. CONGRESS - jcran
jcran
Refurbished Dell Off Lease Computers Used Optiplex PCs - http://www.discountelectronics.com/index...
o Austin and one of my stops is always at Discount Electronics. They offer great value, with lots of "stuff" to select from. I would recommend them to anyone wanting good products at very good pr - jcran
jcran
Four Steps to the Epiphany - Google Books - http://books.google.com/books...
to read! - jcran
jcran
Myne-us: From 0x90 to 0x4c454554, a journey into exploitation. - http://myne-us.blogspot.com/2010...
Now that we have a very good understanding of programming languages and what the machine is doing we can start working on task at hand, exploitation. Here I will start a lot of the learning in very much a list format and adding in comments or Parallel learning areas when needed. - jcran
jcran
jcran
Classic Testing Mistakes - http://www.exampler.com/testing...
Before release, 50 bugs are found in subsystem 1. 6 bugs are found in each of the other subsystems. After release, 50 bugs are found in subsystem 1 and 6 bugs in each of the other subsystems. - jcran
jcran
13 Things to Avoid When Changing Habits | zen habits - http://zenhabits.net/13-thin...
y habit change, I find it important to read as much as possible about it, before and during. I will do my research, to find out strategies for success, potential obstacles, good tools that will help me be successful. And I’ll still read about it during the habit change — blogs, magazines, books, forums, success stories — to help motivate me. - jcran
jcran
13 Things to Avoid When Changing Habits | zen habits - http://zenhabits.net/13-thin...
y habit change, I find it important to read as much as possible about it, before and during. I will do my research, to find out strategies for success, potential obstacles, good tools that will help me be successful. And I’ll still read about it during the habit change — blogs, magazines, books, forums, success stories — to help motivate me. - jcran
jcran
Rake - Ruby Tutorials | Dream.In.Code - http://www.dreamincode.net/forums...
Path Extensions To help you create rakefiles, Rake provides some extensions to the existing String class in Ruby. One of these exensions is the ”ext” method which makes changing up a file’s extension quick and easy. For example, we might want to convert a source file name into a target file name. We can easily do that like so: "myfile.c".ext "o" This will convert the file extension of the ”.c” file to a ”.o” file. Take note that this method modifies the String in place so the object itself will be modified rather than just returning a modified String. For more advanced path manip- ulation you can use the ”pathmap” method which takes in a format string to explain how you would like to change the path of a file. Here is an example of the more advanced ”pathmap” method: 1 "myfile.c".pathmap "%X.o" - jcran
jcran
Rake - Ruby Tutorials | Dream.In.Code - http://www.dreamincode.net/forums...
Path Extensions To help you create rakefiles, Rake provides some extensions to the existing String class in Ruby. One of these exensions is the ”ext” method which makes changing up a file’s extension quick and easy. For example, we might want to convert a source file name into a target file name. We can easily do that like so: "myfile.c".ext "o" This will convert the file extension of the ”.c” file to a ”.o” file. Take note that this method modifies the String in place so the object itself will be modified rather than just returning a modified String. For more advanced path manip- ulation you can use the ”pathmap” method which takes in a format string to explain how you would like to change the path of a file. Here is an example of the more advanced ”pathmap” method: 1 "myfile.c".pathmap "%X.o" - jcran
jcran
Wait. Brazil is hosting the Olympics AND World Cup? « Some Here, There, and Nowhere - http://brunoberry.wordpress.com/2010...
So, um, what the? Brazil is going to host both the World Cup and Olympics. I’m Brazilian and this is still a shock. I mean, anyone could have seen it coming in the past decade, seeing how Brazil has grown. Still, it’s like oh gawd, please don’t let anyone get shot. The point is however, if you’re going to Brazil - jcran
jcran
Wait. Brazil is hosting the Olympics AND World Cup? « Some Here, There, and Nowhere - http://brunoberry.wordpress.com/2010...
So, um, what the? Brazil is going to host both the World Cup and Olympics. I’m Brazilian and this is still a shock. I mean, anyone could have seen it coming in the past decade, seeing how Brazil has grown. Still, it’s like oh gawd, please don’t let anyone get shot. The point is however, if you’re going to Brazil - jcran
Other ways to read this feed:Feed readerFacebook