nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: UK ISP threatens security researcher

From: Gadi Evron <ge () linuxbox org>
Date: Thu, 19 Apr 2007 18:12:44 -0500 (CDT)

On Thu, 19 Apr 2007, Edward Lewis wrote:

At 18:30 -0500 4/17/07, Gadi Evron wrote:

http://www.theregister.com/2007/04/17/hackers_service_terminated/

"A 21-year-old college student in London had his internet service
terminated and was threatened with legal action after publishing details
of a critical vulnerability that can compromise the security of the ISP's
subscribers."


I don't see any part of the story that indicates that the ISP did 
wrong, I see plenty that the student did wrong.  E.g., did the 
student ever try to discreetly raise the issue with the ISP before 
going public?


I believe he covers his good, or lacking, disclosure policy in his blog.

Fact is, he "hacked" (read telnet) his own modem.

Looking at the lack of security response and seriousness from this ISP, I
personally, in hindsight (although it was impossible to see back
then) would not waste time with reporting issues to them, now.

        Gadi.


-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                                +1-571-434-5468
NeuStar

Sarcasm doesn't scale.
Previous By Date Next
Previous By Thread Next

Current thread: