Comment by mcflubbins
4 days ago
> They also classified the issue as a “Fraud and abuse” issue, rather than an Oauth/login issue.
I can _kinda_ see that, I agree they should mitigate it as best as possible too though, especially since they're Google after all.
> I thought this would be the end of the story, but 3 months later, they re-opened my ticket (after my Shmoocon talk was accepted), paid a $1337 bounty, and said they were working on a fix.
Sad how the only way to get Google's attention to make enough noise about something...
$1337 is a very curious amount. Surely, someone was being clever???
yeah, google likes to have fun with the Bug Bounty program. See: https://bughunters.google.com/about/rules/google-friends/662...
it's funny that all of the soul has not been sucked out of the entire company
It's leetspeak
It spells "leet" - see https://en.wikipedia.org/wiki/Leet
You're too young to have used BBSes :)
What are you on about? You clearly missed the sarcasm.
2 replies →