On December 15, Ars Technica ran a story by veteran security reporter Dan Goodin in which Goodin reported on a disclosure by Google researcher Tavis Ormandy, who had discovered that Keeper Security's password manager, bundled with Windows 10, was vulnerable to a password stealing bug that was very similar to a bug that had been published more than a year before.
Ormandy had reported the bug to Keeper Security in advance of publication and waited until the company had issued a patch to disclose it.
Keeper Security has filed a lawsuit in Illinois (where it is based) against Goodin and Ars Technica, alleging that the factual report of the defects in its products "made false and misleading statements about the Keeper software application suggesting that it had a 16-month old bug that allowed sites to steal user passwords."
Keeper Security previously threatened to sue Fox IT, a security research firm, over publication of another defect in its products.
Illinois has good anti-SLAPP laws, which protect critical speech from legal attacks that try to outspend critics, which bodes well for Ars and Goodin. In the meantime, the lawsuit has attracted critical attention to Keeper Security, as security journalists and researchers speak out against "ridiculous" actions that are tantamount to "bullying."
Keeper Security Inc v Goodin et Al
Security firm Keeper sues news reporter over vulnerability story [Zack Whittaker/Zdnet]
Berlin-based security researcher Sébastien Kaul discovered that Voxox (formerly Telcentris) -- a giant, San Diego-based SMS gateway company -- had left millions of SMSes exposed on an Amazon cloud server, with an easily queried search front end that would allow attackers to watch as SMSes with one-time login codes streamed through the service.
Researchers at NYU and U Michigan have published a paper explaining how they used a pair of machine-learning systems to develop a "universal fingerprint" that can fool the lowest-security fingerprint sensors 76% of the time (it is less effective against higher-security sensors).
A year ago, the Norwegian Consumer Council commissioned a study into kids' smart watches, finding that they were incredibly negligent when it came to security and incredible greedy when it came to surveillance: a deadly combination that meant that these devices were sucking up tons of sensitive data on kids' lives and then leaving it […]
There are two times you never want to just “eyeball” it: Conducting brain surgery and matching shades of paint for your walls. Whether you’re painting or repainting, make sure you’re never just “close enough” to the color you want. Not when the Nix Mini Color Sensor can scan and match any color perfectly. Small enough […]
In photography as in film, all the real artistry is in post-production – increasingly so, with the new possibilities cropping up in digital imaging. If you’re ready to get serious about your photography, may we suggest HDR Projects 2018 Pro. As working photographers can tell you, this imaging software can help you re-imagine even the […]
A picture can be worth a heck of a lot more than just a thousand words. If you’ve squinted for ages trying to get just the right photo, you might have the right passion for a career behind the camera. You might even have the right equipment, but do you have the know-how? The Beginner-To-Expert […]
