I& #39;m discussing “How I hacked Clubhouse (and made it safer for all)” with Bug Bounties & VDPs. Saturday, May 1 at 3:00 PM PDT on @joinclubhouse. Join us! https://www.joinclubhouse.com/event/PrWy8Ol6 ">https://www.joinclubhouse.com/event/PrW...

I’ll host another discussion here in Twitter Spaces around 4:30 Pacific time May 1 for those who don’t have iPhones or don’t want to join Clubhouse.

We’ll cover:
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👀" title="Augen" aria-label="Emoji: Augen"> How & why I hacked Clubhouse
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🙈" title="Nichts sehen-Affe" aria-label="Emoji: Nichts sehen-Affe"> Common missteps in Vulnerability Disclosure
https://abs.twimg.com/emoji/v2/... draggable="false" alt="✅" title="Fettes weißes Häkchen" aria-label="Emoji: Fettes weißes Häkchen"> What Clubhouse did right
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🤐" title="„Schweigen ist Gold“-Gesicht" aria-label="Emoji: „Schweigen ist Gold“-Gesicht"> The public safety problem with NDAs in VDPs & bug bounties
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🤷🏻‍♀️" title="Achselzuckende Frau (heller Hautton)" aria-label="Emoji: Achselzuckende Frau (heller Hautton)"> Where oh where that bounty donation to charity is held up
SPOILER: bounty platform vendor delay

Read @lilyhnewman ‘s article about my Clubhouse hack in @WIRED : https://www.wired.com/story/clubhouse-bug-lurkers-ghost/">https://www.wired.com/story/clu...

For technical details of my Clubhouse hack, plus a link to video outtakes of Scapy The Cat, (and a shoutout to the legendary @MCHammer ), read my blog: https://www.lutasecurity.com/post/new-clubhouse-security-vulnerabilities-could-happen-to-any-growing-unicorn">https://www.lutasecurity.com/post/new-...