Ex-Microsoft Bug Bounty dev forced to decrypt laptop for Paris airport official

[InfoSec News <alerts () infosecnews org>]

http://www.theregister.co.uk/2015/01/06/former_ms_bug_bounty_program_developer_forced_into_paris_laptop_decryption/

By John Leyden
The Register
6 Jan 2015

Paris airport security went one step further than simply asking a security 
expert to power up her laptop - they requested she type in her password to 
decrypt her hard drive and log into the machine.

Katie Moussouris, chief policy officer at HackerOne, and best known as the 
woman behind Microsoft's Bug Bounty Program, was en route back to the US 
from the CCC hacking conference. She complied with the request in order 
not to miss her flight.

The computer never left her possession and the security agent never fully 
explained the request, according to Moussouris, and there's no question 
that HackerOne customers' vulnerability reports were exposed - no exploits 
were stored on the device.

Nonetheless, the incident at Charles de Gaulle airport has sparked a 
lively debate among privacy and security advocates. Moussouris has put 
together a blog post explaining her experience:

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/