CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Fun fact, in New Hampshire (@NHgov), there is a single DMV in the ENTIRE STATE to get a driver's license if you're not a citizen. I've lived in five other states, and in Europe and never encountered this. That's 7 hours round trip for some residents, luckily only 2 hours for me.
Here's how @PayPal specifically handles third-party cookies using their cross-origin libraries. medium.com/@bluepnume/safari…
As a reminder, @PayPal did the heavy lifting on cross-origin mashups by open-sourcing their libraries that power their payment widgets: medium.com/@bluepnume/introd…
Once you start looking, he’s everywhere!
Replying to @ericlaw
Guess the cost of providing their security guarantee is less expensive than actually having industry-standard security.
Replying to @evacide
Guillotines always remind me of this guy who built one then used it on his own hand. He then tossed his amputated hand into a fire to prevent reattachment. Anyhow, your necklace looks great! dailymail.co.uk/news/article…
Out of all the dinosaurs, you picked a creature that isn’t even a dinosaur. io9.gizmodo.com/pterodactyls…
Replying to @sirdarckcat
I thought @lcamtuf was developing a woodworking show for HGTV?
True, but you have to give it to him, as a kid he loves dinosaurs and crushes on Rachel, then grows up to become a paleontologist and marries Rachel. Not many people realize their childhood dreams.
Replying to @asteingruebl
I do, I'm just trolling you. 🤣
Replying to @asteingruebl
Already have that, it's called "lax" in Swedish.
What are my options for keeping the referer request header from being sent on sub-resource requests, such as fonts? Does the Referrer-Policy header work for all types of subresources, or is there something else I can use? /cc @dveditz @mikewest
Replying to @ColbyStreams
Cape is long ago taken. I wish @Mojang would just open up all capes.
Replying to @asteingruebl
Yes, it was my go-to site for that! There are several open source URL shorteners, probably not too hard to tweak them to use a “scary” word dictionary...
Replying to @asteingruebl
Wayback shows it working in December, but it’s been down for at least a couple of weeks. Maybe it’ll come back...
I'm so bummed that shadyurl.com is no longer working...
Replying to @KelseyTuoc
This quote makes me wonder if Skynet is actually acting ethically in Terminator: “So many people are suffering. If humanity is extinct, Earth and animals would be happier. They’ll certainly be better off. Also no human will then suffer. Human existence is totally pointless.”
Replying to @jeremiahg
It depends on how you found the vuln and if the BB requires disclosure. If found via normal website usage, then no. If you security test to find it and the BB requires disclosure, then yes. BB = permission to test (with conditions). Security testing while violating BB terms = illegal in US.