Still doesn't excuse the major player from not responding to your son via his request under the responsible disclosure process which a lot of security researchers go through with companies. If they don't then open disclosure is the next level. This also speaks to the major players inability to keep a proper dialog with the security researcher, that is warning them about major flaws in their software which is going to help them fix the issue, and then they go all radical and start doing cease and desist, since they know they have shroddy coding practices ( schocker, they don't follow secure coding practices and then want to punish the security researcher because they called them on the carpet...
Joy, you wonder why security researchers get torked on this stuff... Z Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization email:[email protected] phone:401-639-3505 From: Kennedy, Jim [mailto:[email protected]] Sent: Tuesday, November 29, 2011 10:57 AM To: NT System Admin Issues Subject: RE: Corporate Bullying is a wee bit harder in the 21st century... Yea, they try. My kid got a cease and desist from a major player for some exploits he found in their software. He contacted them repeatedly and they ignored him. So he published his findings and they fixed it right away. Then they sent him the letter. From: Andrew S. Baker [mailto:[email protected]] Sent: Tuesday, November 29, 2011 10:47 AM To: NT System Admin Issues Subject: Corporate Bullying is a wee bit harder in the 21st century... But that doesn't stop them from trying. http://www.computerworld.com/s/article/9222203/Carrier_IQ_drops_legal_th reat_against_security_researcher?taxonomyId=17 <http://www.computerworld.com/s/article/9222203/Carrier_IQ_drops_legal_t hreat_against_security_researcher?taxonomyId=17> In this case, they were duly smacked down. ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<image002.jpg>>
