This is all good, but unlss @realDonaldTrump unblocked I will never use Twitter again. I don't care if you agree or disagree with what was said. But if even a pressident of united states can be banned, best not use such platforms. Period!
If even a president of the USA can behave so poorly and break rules so flagrantly that a service like Twitter -- that has tremendous incentive to keep him on the platform -- sees that they have to block him from the platform, best not to rely on such presidents.
I agree WHOIS is completely useless! Anyone can fake this info anyway and anyone using there real info can be SWATTED (https://en.wikipedia.org/wiki/Swatting)
Only if you use your home address. Most people use a PO Box or other forwarding. (or in the case of a business: physical office presence, which is usually published on the website itself)
Anyone who has my name can find my address, voter registration records are easily searched online in many states. I only bother with WHOIS protections (which Gandi includes at no additional charge) to avoid spam, very few people can claim they are truly safe from swatting.
I've been windows power user for many years before I switched to Linux. I can say that WinXP was one of the best windows and Win7 was okay and usable. Win8 and Win10 complete shit. Everyone I know had issues with it and had hard times using it. Asking if it was possible to use at least Win7 again. Windows completely screwed up there UI thinking it would be easier for people to use and in process completely killing windows. Not to mantion Win8/10 security/privacy horror storries. The last usable windows was Win7. This is why I see many people switching to Mac OS X or Linux.
On a somewhat more objective note, there was a lot of criticism back when it came out. (Specifically, about "the bloat". Everything is relative, I guess; one can say that things continued to get worse and worse from Windows 2000 on, although some would swear that it was NT4 that was the best Windows ever - e.g. it ran in 16MB of RAM vs. Windows 2000 that raised the requirement to 32MB; for comparison, Windows 95 only needed 8MB.)
Vista and 8 had their problems, but 10 has been fine for me. I disagree with the statement "The last usable windows was Win7." But then, I've seen the same argument before, in different flavors. People complained about Windows 7, wondering why anyone would switch from XP. They complained about XP, wondering why anyone would switch from 98SE.
Microsoft has been in a bit of a tick-tock cycle with their operating system releases. NT 4 was good, 2000 was good, XP was good eventually, Vista, not so good, 7, good, 8, not so good, 10 irons out most of the issues with 8. Pick any other product, and it's likely the same story. Mac OSX was all downhill from Tiger for quite awhile, at the latest High Sierra has had its share of serious flaws.
I highly dought that. Most users use Windows and don't even have Anti-Virus/Firewall installed on there computers. Networking hardware is set to defualts. I would argue more computers and servers are unprotected because we have more computers and users online.
I'm not suprised at all that Google rewarded this low. This is why they are always be more blackhat SEO then reporters. Because companies are too cheap to realize how valuable this discoveries are. They are getting too greedy. I agree 100% that this should of been at least $1,000,000 if not much more. If this contenues google could be the next Facebook ^_^ Lets use DuckDuckGo instead everyone ;-)
@TomAnthony, This is f*up, google should of given you at least $1,337,000 bounty for this. This is one of the most profitable exploits I've seen discovered by anyone. Plus you've done the right thing and reported it. Good job on this discovery!
"I have a couple of other ideas for search related attacks, but am not sure I'm going to explore them any longer."
You're valuing yourself way too low. You've done a good job with this and should receive more bounty for it. Also see if you can earn more for doing research else where; https://www.bugcrowd.com/bug-bounty-list/ Also maybe use something like; https://www.hackerone.com/
