turns out to be https://twitter.com/addelindh

On Oct 6, 2014, at 6:12 PM, Larry W. Cashdollar
 wrote:

> I thought it was https://twitter.com/ErrataRob
> 
> On Oct 6, 2014, at 5:04 PM, Michal Zalewski
 wrote:
> 
>> I don't think it happened on Twitter - using advanced search with date
>> ranges, I don't see any mentions that would predate this article,
>> which already seems to be using the term:
>> 
>> http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html
>> 
>> It's odd that an article posted at 8 AM on Sept 24 would have any idea
>> of how the bug is already being called by the security community,
>> especially ahead of any Twitter buzz. But both Stephane and Florian
>> implied that some of the pre-notified parties apparently started
>> leaking details to the press and were getting ready to make a splash
>> the moment it goes public, so maybe that's the explanation.
>> 
>> /mz
>