Student Hackers Settle Over Debit-Card Device
from the but-is-it-really-secure? dept
Back in April there was a lot of press over a pair of student hackers who were prevented from making a presentation at a conference about a way to compromise the security of the Blackboard debit card system that is used at many universities to let students buy things like meals and use laundry machines. While initially it appeared to be an open and shut case of “chilling effects” with a big company scaring off those who found a security hole, some of the details suggest that the case was more complex. Now, the two students have settled the lawsuit filed against them by Blackboard, admitting that they never actually finished the device they spoke about, and perhaps has exaggerated the capabilities it would have. Blackboard claims this shows that their systems are secure. Of course, this doesn’t prove anything like that. It does nothing to prove that the systems are secure, it just shows that these kids didn’t get a chance to demonstrate the exploit, which could definitely still be there. This is sounding more and more like a case where a big company is trying to hide a security problem rather than solve it.
Comments on “Student Hackers Settle Over Debit-Card Device”
Link farm
I missed Interz0ne because of a shitty wedding last April, so I missed the fireworks, but the se2600 mailing lists had a good bit about it. A local friend but up a link farm/timeline of the case.