Comment by mcflubbins

Comment by mcflubbins 4 days ago

> They also classified the issue as a “Fraud and abuse” issue, rather than an Oauth/login issue.

I can _kinda_ see that, I agree they should mitigate it as best as possible too though, especially since they're Google after all.

> I thought this would be the end of the story, but 3 months later, they re-opened my ticket (after my Shmoocon talk was accepted), paid a $1337 bounty, and said they were working on a fix.

Sad how the only way to get Google's attention to make enough noise about something...

dylan604 4 days ago

$1337 is a very curious amount. Surely, someone was being clever???

Reply View 6 replies

chasemiller 4 days ago

yeah, google likes to have fun with the Bug Bounty program. See: https://bughunters.google.com/about/rules/google-friends/662...

Reply View | 1 reply
- dylan604 4 days ago
  
  it's funny that all of the soul has not been sucked out of the entire company
  
  Reply View | 0 replies
mega_dingus 4 days ago

It's leetspeak
It spells "leet" - see https://en.wikipedia.org/wiki/Leet
You're too young to have used BBSes :)

Reply View | 3 replies
- dylan604 4 days ago
  
  What are you on about? You clearly missed the sarcasm.
  
  Reply View | 2 replies
  
  richbell 4 days ago
  
  Your comment didn't seem obviously sarcastic. Intent is hard to convey over text.
  
  Reply View | 0 replies
  
  [removed] 4 days ago
  
  [deleted]
  
  Reply View | 0 replies