chad scira

SlickStack's design allows remote scripts to execute with root-level permissions every 3 hours and 47 minutes, bypassing SSL validation and lacking security checks like checksum verification. These vulnerabilities expose servers to exploitation, raising questions about the maintainer, Jesse Jacob Nickles, who has been criticized for questionable practices and dismissing concerns. Alternatives like WordOps provide a safer, more secure option for WordPress users.

Back in November I posted a story about how I assisted Chase with finding a security issue in their ultimate rewards points system, and later they decided to close all of my banking accounts, and credit cards (as well as a family members because they were a co-owner of one of my checking accounts).

The story of how one of the largest banks in the world failed to protect it's rewards program from race conditions, and how they eventually rewarded the person who helped them resolve the issue with termination of all of their accounts, as well as their families accounts.

I use the digital ocean api quite aggressively (20-40k requests a day, 30-100 instances created/destroyed). Basically I am totally dependent on their API working for me.

This is a response to this Hacker News Post

On 03/26/12 I sent the following email...

At 1PM yesterday a friend called me and accused me of helping her video out so that she would no longer have any down votes.

A few months back i applied for a github enterprise trial and apparently they added me to some sort of mailing list. It seems like someone made the mistake of putting the whole mailing list inside of the to fields for all of their expirations. So i received the following emails at 7:01AM.

So apparently Apple wants us to upgrade to Lion in order to develop for the latest version of iOS. But Lion still has a few issues that are preventing me from upgrading.

Facebook removes support for legacy API... You should start to be seeing a lot of broken facebook related apps.

Me and a coworker had one of those very long nights trying to figure out this one. Turns out if you are using..

Today I ran into a wonderful safari bug that caused an iframe to be on top of all of the page content, even if you were to put a high z-index on things!

Ran into a little CSS3 bug recently, It pretty much drove me crazy.

IE is trying to fix what it has done to the internet, but they are presented with a major issue.

I was recently asked a question on how to utilize flash params. I tried to answer the question through twitter but it turned out to be very difficult. The limit of 140 characters makes it very hard to actually have a real conversation, so I'll be answering it here.