|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: UK ISP threatens security researcher
On Thu, 19 Apr 2007, Edward Lewis wrote: > At 18:30 -0500 4/17/07, Gadi Evron wrote: > >http://www.theregister.com/2007/04/17/hackers_service_terminated/ > > > >"A 21-year-old college student in London had his internet service > >terminated and was threatened with legal action after publishing details > >of a critical vulnerability that can compromise the security of the ISP's > >subscribers." > > I don't see any part of the story that indicates that the ISP did > wrong, I see plenty that the student did wrong. E.g., did the > student ever try to discreetly raise the issue with the ISP before > going public? I believe he covers his good, or lacking, disclosure policy in his blog. Fact is, he "hacked" (read telnet) his own modem. Looking at the lack of security response and seriousness from this ISP, I personally, in hindsight (although it was impossible to see back then) would not waste time with reporting issues to them, now. Gadi. > -- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Edward Lewis +1-571-434-5468 > NeuStar > > Sarcasm doesn't scale. >
|