Reader Comments (rss)

(Flattened / Threaded)

1.  

   Next, Voting Machines

   

   Josh Martin, Jul 10th, 2008 @ 8:31am

   
   

   Do these people make electronic voting machines, too?

   [ reply to this | link to this | view in thread ]

2.  

   

   Jake, Jul 10th, 2008 @ 9:18am

   
   

   I can kind of see the argument in favour of not publicising leaks like this until after you get a satisfactory official response from the company, and the YouTube video demonstrating the 'attack' looks more than a little contrived. I would however have more sympathy for NXP if they'd written back to say they were working on a solution and asking the university to hold off on publishing its results until they'd sorted it out.

   [ reply to this | link to this | view in thread ]

3.  

   What's the claim?

   

   Willton, Jul 10th, 2008 @ 10:36am

   
   

   With the caveat that I don't know jack about Dutch law, what is the claim here? I understand NXP would want to keep this from getting published, but I don't see what the underlying claim is to bar publication of this. Is it defamation?

   [ reply to this | link to this | view in thread ]

4.  

   Don't play hardball when you're the one who will lose

   

   TravisO, Jul 10th, 2008 @ 10:38am

   
   

   NXP is making a very bad move, especially if multiple separate people or groups know about the flaw. They're just asking for a writeup of the flaw to be posted anonymously on some key forums.
   
   Obviously the group that discovered the problem alerted the company, have them time to fix, no fix is available (the problem isn't always easy or quick) but NXP should have made a plea to hold back, but instead they're resorting to hardball tactics, and I say you fight fire with fire, release the hounds!

   [ reply to this | link to this | view in thread ]

5.  

   Re: Don't play hardball when you're the one who will lose

   

   Anonymous Coward, Jul 10th, 2008 @ 11:38am

   
   

   zero tolerance for folks who dont take security vulnerabilities seriously. that is the only way to make them learn. times are a-changing and hardball firewall tactics are no longer acceptable.

   [ reply to this | link to this | view in thread ]

6.  

   here we go again

   

   dkp, Jul 10th, 2008 @ 12:24pm

   
   

   I have a problem with companies spending time and money on fighting in this case the publication of information about flaws instead of fixing the problem this also goes for other things such as ip and others

   [ reply to this | link to this | view in thread ]

7.  

   security is too important ...

   

   Computer Consulting Kit Preview Blog, Jul 10th, 2008 @ 12:36pm

   
   

   It seems to me that any problem that compromises security (which is incredibly important in this day and age, more than ever before) and affects others should be reported as a warning immediately, even before a solution has been reached. People do need to know what they’re using, and when it goes “bad,” they need to know how to adjust their behavior with it accordingly and protect sensitive and important information. Even Microsoft, who has been pretty seriously hurt (though not necessarily financially!) by Vista’s many initial failures and problems admitted to their mistakes and provided quick solutions or at least work-arounds and adjustments.

   [ reply to this | link to this | view in thread ]

8.  

   after it's broken, it keeps that way

   

   Merijn, Jul 11th, 2008 @ 7:58am

   
   

   As far as I know, Professor Bart Jacobs and his crew have already had a few free rides to prove that the system is broken. Trying to silence a university professor won't fix your problem. Also I do not know the laws of my country, the Netherlands, well enough to guess what they try to use as a legal means to their cause in the attempt to silence their neighbor. Radboud university and NXP are located in the same city.

   [ reply to this | link to this | view in thread ]

Add Your Comment