[MEDIA=twitter]1169757203990863872[/MEDIA]
jamaa alipata vulnerability kwa Google translate majamaa wa google wakampa $5000 as a reward
[MEDIA=twitter]1169757203990863872[/MEDIA]
jamaa alipata vulnerability kwa Google translate majamaa wa google wakampa $5000 as a reward
Amesomea hiyo skill either formally ama through self-education. That $$ wasn’t free. He/she worked for it like any other job. Hakuna kuangukia hapa. Ni the reward of a good day’s work.
Tulia, Bug bounty si lazima usomee. Kids who dont understand shit have been awarded before
So a boda boda guy will understand what a bug is?? Lazima ukuwe umesomea either formally ama through self-education. Mtu akijifunza kutoa bugs haimaanishi hajasoma. Self-education is not worthless. @Deorro you probably have a background in tech so fixing bugs to you is like eating pancakes. What those kids understand is not shit to the ordinary guy in the street. It is only shit to you as a specialist in that field so you are lacking perspective.
What @Azor Ahai s trying to say is, it wasn’t a lottery.
sasa ni wivu uko nayo ama? be tolerative
kila mtu na raha zake mehn
i think jamaa ya TOYOTAS has a great point.
jamaa alisomea different techniques of penetration testing, akachagua moja na akafaulu.
There was an engineer who had an exceptional gift for fixing all things mechanical. After serving his company loyally for over 30 years, he happily retired. Several years later his company contacted him regarding a seemingly impossible problem they were having with one of their multi-milliondollar machines. They had tried everything and everyone else to get the machine fixed, but to no avail. In desperation, they called on the retired engineer who had solved so many of their problems in the past.
The engineer reluctantly took the challenge. He spent a day studying the huge machine. At the end of the day he marked a small “x” in chalk on a particular component of the machine and proudly stated, “This is where your problem is.” The part was replaced and the machine worked perfectly again.
The company received a bill for $50,000from the engineer for his service. They demanded an itemized accounting of his charges. The engineer responded briefly:
One chalk mark………………….$1
Knowing where to put it………$49,999
It was paid in full and the engineer retired in peace
you know where to put the x through dedicated study
Software bugs are not like hardware bugs or machine bugs. You dont need 30 years of experience to identify 1. they can be identified by anybody
Explain how to identify a bug in one sentence.
Yes, software bugs can be detected by literally anyone using the product. You don’t have to be a software engineer to discover one
I didn’t say you have to be a software engineer. But you must have some basic knowledge. Can a boda boda guy identify a bug like the guy in the original example?? Yes or no.
By the way, a person in a technical discipline should know that it is not only the amount of knowledge that you have which is important, but how well you apply it. It doesn’t matter where you got the knowledge as long as you can apply it. Some people learn only one thing and make a living from it. I know someone who learned how to repair a fridge though apprenticeship. That’s everything he does all day, everyday.
boss hapa umeshika @Deorro pants down literallh
@Deorro jamaa wa baseless arguments, anajifanya haelewi kenye lightskin anaexplain.
In 2014 Microsoft paid a bug bounty to a 5 year old kid for xbox vulnerability he discovered [MEDIA=bbcnews]p01wvzd3/26879185[/MEDIA]
here is another example
[ATTACH=full]258609[/ATTACH]
in 2019 the facetime bug was discovered by a 14 year old Apple Apologizes For iPhone Facetime Bug And Thanks 14-Year-Old Who Discovered It
[ATTACH=full]258610[/ATTACH]
https://www.marketwatch.com/story/meet-the-14-year-old-who-discovered-apples-shocking-facetime-bug-2019-02-01
If you read that highlighted part, ndio maana nawaambia software bugs can be found by anyone and I mean literally anyone using that software. Si lazima iwe a software engineer or a technical person.
hata wewe you can find one
i see it now.
ata mimi kwa FIFA 15 nilikuwa nikipause drill session alafu ni unpause, pause menu haipotei.
unacheza kama bado pause menu iko kwa screen.
but hizo zingine za akina SQL injection, csrf na kadhalika lazima mtu asomee
some people is like they think they are always right. You cant know something is a bug if you’re ignorant of the fact it is a bug. Kung’ang’ana na huyu mod ni kama kusukuma nguruwe. Kichwa ngumu sana
yes a Boda Boda guy can identify a bug
the accident can either be by inexperienced people like those kids I have listed there or can be by technical people. a Good example of technical people discovering bugs by accident was the cloudflare leak bug discovered by Tarvis of project Zero 1139 - project-zero - Project Zero - Monorail
TechTarget Enterprise Technology News
actively looking for one is where you do lots of trial and error using various methods eg the method used by the guy OP has reported or the spectre and Zombieland Intel chipset flaws discovered by Graz University researchers
What you have is called availability bias. I can assure you that google servers are full of would-be bounty hunters who fell short (boda boda guys) simply because they didn’t have the knowledge to verify that what they were witnessing was indeed a bug. A person with some knowledge about software and tech will have ways of verifying whether it is a bug or something else e.g virus. Obviously, every once in a while a 5 year-old will present a case that coincidentally turns out to be a bug. I can assure you that most bounties have been rewarded to people with some level of basic knowledge but that is never publicized like the 5-year old or boda boda guys.
The 5 year old wouldn’t have “discovered” the bug if her mum wasn’t a software engineer. That 14 year old plays Fortnite. Hardcore gamers know a thing or 2 about bugs. So the argument that “anyone” can discover a bug still doesn’t hold.
Experts suggest that the next generation of cybersecurity workers should come from the world of gamers. About 72 percent of cybersecurity managers say the generation of candidates who have been raised on playing video games are strong candidates for entering the field and a good way to curb the shortage. This is due to the common traits and mutual talents required in the field of cyber threat hunting which include logic, perseverance, an understanding of how to approach adversaries, as well as a fresh outlook and approach to cybersecurity. Experts say these kinds of traits go a long way and even make up for a lack of experience or training.
https://www.businessnewsdaily.com/10677-gaming-solve-cybersecurity-talent.html
This deorro guy might be hard headed but what he is saying is correct. Anyone including bonobos like @Mrs Shosho can find a bug just that he isn’t explaining well.
Wacha nilale I will explain better in the morning.