On December 15, Ars Technica ran a story by veteran security reporter Dan Goodin in which Goodin reported on a disclosure by Google researcher Tavis Ormandy, who had discovered that Keeper Security's password manager, bundled with Windows 10, was vulnerable to a password stealing bug that was very similar to a bug that had been published more than a year before.
Ormandy had reported the bug to Keeper Security in advance of publication and waited until the company had issued a patch to disclose it.
Keeper Security has filed a lawsuit in Illinois (where it is based) against Goodin and Ars Technica, alleging that the factual report of the defects in its products "made false and misleading statements about the Keeper software application suggesting that it had a 16-month old bug that allowed sites to steal user passwords."
Keeper Security previously threatened to sue Fox IT, a security research firm, over publication of another defect in its products.
Illinois has good anti-SLAPP laws, which protect critical speech from legal attacks that try to outspend critics, which bodes well for Ars and Goodin. In the meantime, the lawsuit has attracted critical attention to Keeper Security, as security journalists and researchers speak out against "ridiculous" actions that are tantamount to "bullying."
Keeper Security Inc v Goodin et Al
Security firm Keeper sues news reporter over vulnerability story [Zack Whittaker/Zdnet]
In 2017, Equifax admitted that it had doxed America by leaking the nonconsensual dossiers it builds on the nation, covering up the info while its key employees sold off their stock, and then repeatedly lying about the scope of the breach.
Aestetix writes, "We have good news. There will be a HOPE [ed: Hackers on Planet Earth, a beloved, NYC-based hacker con put on by 2600 Magazine] in 2020. And we expect it to be better than ever. For several months, we have been looking for a venue that would have the needed space and flexibility […]
Nest is a home automation company that Google bought in 2014, turned into an independent unit of Alphabet, then re-merged with Google again in 2018 (demonstrating that the "whole independent companies under Alphabet" thing was just a flag of convenience for tax purposes); the company has always focused on "ease of use" over security and […]
If you’re a coder, there’s a multitude of avenues for you to take your skills. Whether you’re just jumping into the world of programming or looking to rise up the ranks as an established professional, a wide base of knowledge is key. And this Premium 2020 Learn to Code Certification Bundle is a resource that’s […]
Everybody could use a little improvement, especially those of us on the hunt for new careers. Each job requires a different set of skills, and that list can change from year to year or even month to month as new technologies emerge. When you’re in that race and need to learn fast, the old model […]
In recent years, natural language processing technology and language translation technology have advanced greatly. The trouble is, language translation software typically comes in the form of apps. And while your mileage may vary on their usefulness, they share one thing in common: a serious drain on the battery for your smartphone, the very thing you’ll […]