North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: UK ISP threatens security researcher
On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote: > > On Thu, 19 Apr 2007, Will Hargrave wrote: > > > > Gadi Evron wrote: > > > > > "A 21-year-old college student in London had his internet service > > > terminated and was threatened with legal action after publishing details > > > of a critical vulnerability that can compromise the security of the ISP's > > > subscribers." > > > > > > I happen to know the guy, and I am saddened by this. > > > > In his blog post [1] he did admit to accessing other routers of Be's customers > > using the backdoor password; this is probably [2] a criminal offence in the UK. > > > > I'm not sure I have as much sympathy for him as you do. > > The guy basically looked at his own modem, which is what this was all > about. The rest of what he may have done is indeed up to your judgement. > > I am generally worried about the trend that is emerging of reporting > security issues resulting in legal threats. well in this case i dont know the nature of the threat but asking the guy to hold back the passwords seems reasonable what other examples are there as you suggest a trend in hushing security vulns? Steve
|