erbbysam

@erbbysam.bsky.social

Software security, cryptography etc

1,019 Followers  |  157 Following  |  14 Posts  |  Joined: 05.11.2024  |  2.6022

Latest posts by erbbysam.bsky.social on Bluesky

VRP @ Google -- a look inside a large self-hosted VRP

What's strange about go.dev/play/p/4fc3Y... 👀

Attend my presentation in the Bug Bounty Village @ DEFCON today at 5pm to learn more!

08.08.2025 18:20 — 👍 2    🔁 0    💬 0    📌 0

PhD Timeline xkcd.com/3081

25.04.2025 15:32 — 👍 60358    🔁 20680    💬 599    📌 832

I missed the "Top Secret//ORCON//Signal" banner, my bad

24.03.2025 22:26 — 👍 1    🔁 0    💬 0    📌 0

Quick question -- in Signal, how do I differentiate my EZpass scam messages from those sent by the Pentagon?

24.03.2025 21:47 — 👍 1    🔁 0    💬 0    📌 1
Call for Proposals 2025 – BSides CambridgeMA

BSides CambridgeMA CFP is open!!! bsidescambridgema.org/call-for-pro... 👀🎉

08.02.2025 19:30 — 👍 0    🔁 0    💬 0    📌 0

To answer your first question -- yes, we would accept submissions for golang.org/x repos

22.01.2025 18:55 — 👍 1    🔁 0    💬 1    📌 0

🤦‍♂️ amazing spot. Our intention was to only remove it for one-liner changes as reflected on the rules page. We updated the blog post to match!

22.01.2025 16:01 — 👍 1    🔁 0    💬 1    📌 0

Good question, let me check with our team and I'll get back to you

21.01.2025 17:31 — 👍 1    🔁 0    💬 1    📌 0
Blog: Level Up Your Open Source Karma (And Your Wallet) by Improving Security This blog post takes you through everything you need to know about the Patch Rewards Program, including our newly introduced focus on memory safety (including reward multipliers!), recently increased ...

🛡️💸 We've revamped our Patch Rewards Program, extending its scope and increasing rewards for security patches – with a particular focus on memory safety, including bonus multipliers!

bughunters.google.com/blog/5273064...

21.01.2025 17:11 — 👍 5    🔁 2    💬 1    📌 0
My Bitcoin wallets on Google Drive from ~2013

🎵Should I open it? Or should I keep it sealed?

17.12.2024 01:46 — 👍 6    🔁 0    💬 2    📌 0
Blog: The Great Google Password Heist: 15 years of hacking passwords to test our security (and build team culture!) The Leaving Tradition in Google's security team, which could be described as a type of small-scale offensive security exercise, is a great (and fun) example of team culture. Curious? See this blog pos...

I don't often post about my work but bughunters.google.com/blog/6355265... is actually a super cool thing my team is doing. These short term redteams focused on just stealing our passwords were always amazing to highlight how severely broken complex systems are. The internal writeups are so, so fun!

04.12.2024 19:00 — 👍 18    🔁 9    💬 0    📌 1

Reported, thanks for the heads-up

30.11.2024 15:08 — 👍 1    🔁 0    💬 0    📌 0

Check out the OSS Fuzz projects scope line :) github.com/google/oss-f...

14.11.2024 15:31 — 👍 1    🔁 0    💬 1    📌 0
Open Source Security Patch Rewards The Patch Rewards program rewards proactive improvements to security in open source projects.

bughunters.google.com/open-source-... for fixing?

14.11.2024 05:54 — 👍 2    🔁 0    💬 1    📌 0
Digital equipment corporation inter-departmental correspondence envelope

Going to start posting here more often. If this doesn't work out, I found a good fallback.

10.11.2024 23:26 — 👍 4    🔁 0    💬 0    📌 0

Hello w̶o̶r̶l̶d̶ blue sky!

09.11.2024 03:57 — 👍 7    🔁 0    💬 0    📌 0
