On December 15, Ars Technica ran a story by veteran security reporter Dan Goodin in which Goodin reported on a disclosure by Google researcher Tavis Ormandy, who had discovered that Keeper Security's password manager, bundled with Windows 10, was vulnerable to a password stealing bug that was very similar to a bug that had been published more than a year before.
Ormandy had reported the bug to Keeper Security in advance of publication and waited until the company had issued a patch to disclose it.
Keeper Security has filed a lawsuit in Illinois (where it is based) against Goodin and Ars Technica, alleging that the factual report of the defects in its products "made false and misleading statements about the Keeper software application suggesting that it had a 16-month old bug that allowed sites to steal user passwords."
Keeper Security previously threatened to sue Fox IT, a security research firm, over publication of another defect in its products.
Illinois has good anti-SLAPP laws, which protect critical speech from legal attacks that try to outspend critics, which bodes well for Ars and Goodin. In the meantime, the lawsuit has attracted critical attention to Keeper Security, as security journalists and researchers speak out against "ridiculous" actions that are tantamount to "bullying."
Keeper Security Inc v Goodin et Al
Security firm Keeper sues news reporter over vulnerability story [Zack Whittaker/Zdnet]
I'm coming to Halifax to give the closing keynote on day one of Atlseccon on April 24th: it's only my second-ever visit to the city and the first time I've given a talk there, so I really hope you can make it!
Back in 2017, the Norwegian Consumer Council published a damning report on the privacy leaks from kids' "smart watches," a parade of horrors that included allowing unauthorized third parties to trace your kid's location, and also to covertly eavesdrop through the watches' microphones and bark creepy orders at them through their speakers.
With the intuitive software out there today, anyone can become a music producer. You’ve probably heard that from any number of laptop impresarios, but you still have to know how to use the tools – and Logic Pro X is one of the best platforms out there right now. In order to get the most […]
Believe it or not, PDF files have been the go-to format for contracts and forms of any type since 1993. And sure, they’re easily shareable – but that’s about it. When you need to edit or sign a document – and you will – that’s when frustration can set in. Luckily, there are workarounds, and […]
It’s 4/20! Smoke ’em if you got ’em – and if you haven’t got ’em, check out this roundup of deep discounts on pipes and other accessories. They’re all on sale, but you can take an extra discount off the final price courtesy of the Boing Boing store by using the online code 420SAVE. Freeze […]
