[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Contact for reporting Facebook vulnerability

To: Madhur Ahuja <ahuja.madhur@xxxxxxxxx>
Subject: Re: [Full-disclosure] Contact for reporting Facebook vulnerability
From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Sat, 11 Jun 2011 18:41:25 -0400

On Sat, Jun 11, 2011 at 3:12 PM, Madhur Ahuja <ahuja.madhur@xxxxxxxxx> wrote:
> Shouldn't I first report to Facebook at
> http://www.facebook.com/help/contact.php?show_form=white_hat
Be careful of using websites - there's not telling what might be in
the Terms of Service. I find EULAs and ToS are usually obscene. I
prefer to use both {secure|security}@example.com per RFC 2142. In
addition to unencumbered communication, you will retain a copy of the
email for your records.

Jeff

>
> On Sat, Jun 11, 2011 at 3:10 PM, Andrew D Kirch <trelane@xxxxxxxxxxx> wrote:
>> On 6/11/2011 2:51 PM, Madhur Ahuja wrote:
>>> Does anyone know where I can report vulnerabilities in Facebook ?
>>>
>>> Thanks,
>>> Madhur
>>>
>>> [SNIP]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Contact for reporting Facebook vulnerability
  - From: Madhur Ahuja
- Re: [Full-disclosure] Contact for reporting Facebook vulnerability
  - From: Andrew D Kirch
- Re: [Full-disclosure] Contact for reporting Facebook vulnerability
  - From: Madhur Ahuja

Prev by Date: Re: [Full-disclosure] Contact for reporting Facebook vulnerability
Next by Date: Re: [Full-disclosure] FreePBX - Module Administration Arbitrary File Upload
Previous by thread: Re: [Full-disclosure] Contact for reporting Facebook vulnerability
Next by thread: Re: [Full-disclosure] Contact for reporting Facebook vulnerability
Index(es):
- Date
- Thread