Researcher threatened for reporting security bug 
From El Reg...

Quote:
A German software company has threatened legal action against a security researcher who privately reported a critical vulnerability in one of its programs, Dark Reading reports.

Oh that's some right proper genius there and no mistake...

:roll:

_________________
Jim



Sun May 01, 2011 2:15 pm
Well this has proved to be a disaster for them. I doubt that the software has been patched, so they will now have a race to patch it before it is exploited and they have to apologise to users. They were warned about a problem and overreacted.

_________________
Do concentrate, 007...

"You are gifted. Mine is bordering on seven seconds."

https://www.dropbox.com/referrals/NTg5MzczNTk

http://astore.amazon.co.uk/wwwx404couk-21


Mon May 02, 2011 12:03 am
Quote:
As you maybe [sic] aware it is illegal to release software which is intended to commit computer sabotage (e.g. Sec. 202C I No. 2 German Criminal Law). In addition this announcement together with your offering to have the vulnerability fixed by your company may be considered as an attempted extortion.


Does this mean that MAGIX could be prosecuted for having the bug? Could it mean that they will be prosecuted if they don't fix the bug?


Mon May 02, 2011 5:52 am
forquare1 wrote:
Quote:
As you maybe [sic] aware it is illegal to release software which is intended to commit computer sabotage (e.g. Sec. 202C I No. 2 German Criminal Law). In addition this announcement together with your offering to have the vulnerability fixed by your company may be considered as an attempted extortion.


Does this mean that MAGIX could be prosecuted for having the bug? Could it mean that they will be prosecuted if they don't fix the bug?

The offering to fix it for a fee is making a quote. He knew exactly what the problem was and so could know exactly what would fix it. They will have to divert programmers to find and fix the problem. That will cost them money.



Mon May 02, 2011 9:56 am