Researchers Postpone Release Of Free Smart Meter Security Testing Tool

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/232500808/researchers-postpone-release-of-free-smart-meter-security-testing-tool.html

By Kelly Jackson Higgins
Dark Reading
Jan 31, 2012

Smart grid researchers pulled their talk and planned release of a new 
security assessment tool for smart grid meters during the ShmooCon 
conference after a vendor voiced concerns about the research.

Don Weber, a senior security analyst with InGuardians, had planned to 
introduce on Saturday evening a new homegrown tool that tests for both 
vulnerabilities and functionality in smart grid meters -- via the 
devices' infrared ports.

"At the eleventh hour, we had a vendor with some serious issues about it 
-- nothing specific, just some general stuff they wanted to take some 
time to look at a little more. In the interest of responsible 
disclosure, we took this under advisement," says Jimmy Alderson, chief 
operating officer of InGuardians. "We feel the issues are not a real 
concern ... but we respect [the vendor] and want to play ball. We will 
still do the talk after we assuage their concerns."

Alderson says there were no official threats of legal action by the 
vendor, which he declined to name. InGuardians had not planned to name 
any vendors in Weber's presentation, either. Legal threats and vendor 
pressure are nothing new in the security research community: There have 
been multiple occasions where vendor backlash has forced researchers to 
pull their presentations at Black Hat, DefCon, and, last year, at 
TakeDownCon.

[...]


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn