On December 15, Ars Technica ran a story by veteran security reporter Dan Goodin in which Goodin reported on a disclosure by Google researcher Tavis Ormandy, who had discovered that Keeper Security's password manager, bundled with Windows 10, was vulnerable to a password stealing bug that was very similar to a bug that had been published more than a year before.
Ormandy had reported the bug to Keeper Security in advance of publication and waited until the company had issued a patch to disclose it.
Keeper Security has filed a lawsuit in Illinois (where it is based) against Goodin and Ars Technica, alleging that the factual report of the defects in its products "made false and misleading statements about the Keeper software application suggesting that it had a 16-month old bug that allowed sites to steal user passwords."
Keeper Security previously threatened to sue Fox IT, a security research firm, over publication of another defect in its products.
Illinois has good anti-SLAPP laws, which protect critical speech from legal attacks that try to outspend critics, which bodes well for Ars and Goodin. In the meantime, the lawsuit has attracted critical attention to Keeper Security, as security journalists and researchers speak out against "ridiculous" actions that are tantamount to "bullying."
Keeper Security Inc v Goodin et Al
Security firm Keeper sues news reporter over vulnerability story [Zack Whittaker/Zdnet]
VPNFilter is a virulent, sophisticated, multistage worm that has successfully infected 500,000 home routers, leaving them vulnerable to both surveillance (the malware snoops network traffic for passwords) and region-wide internet shutdowns (VPNFilter can brick the routers it infects, and an attacker could shut down most or all of the home/small business internet access in a […]
VPNFilter is a sophisticated, multi-stage malware package, part of the new breed of boot-persistent malware (software that can survive a reboot); it targets home routers and network-attached storage devices, then steals passwords and logins that traverse the network and exfiltrates it to the creators' servers.
The White House Communications Agency, staffed with military information security experts, is in charge of making sure that the President's cellular phone isn't getting hacked by adversaries who might otherwise be able to listen in on his calls, capture his messages, intercept his search history, and remotely operate his camera and microphone. Donald Trump routinely […]
Businesses big and small use Microsoft Excel for everything from data visualization to bookkeeping, and chances are you’ve already had some exposure to this ubiquitous tool. Whether you’re looking to improve your hiring potential or boost your Excel efficiency, the Ultimate All-Level Excel Bootcamp can get you Excel-savvy with nearly 70 hours of training, and it’s […]
The workday is long, and inevitably, you’re going to find yourself needing to take a break from the daily grind. With Mini Materials Miniature Cinder Blocks, you can take some time for yourself and decompress by turning your desk into a miniature construction site. They’re available today in the Boing Boing Store for $22.49. Handmade […]
Handheld radios might seem a bit archaic, but in an emergency situation, few things will keep you as reliably connected to the outside world. This Emergency Multi-Function Radio & Flashlight takes the utility of the tried-and-true radio and combines it with a powerful flashlight and self-sufficient energy system. It’s available in the Boing Boing Store for […]