Judge Still Keeps MIT Students Gagged Over Subway Hacking Presentation

The EFF tried to get the gag order lifted off the three MIT students who had planned a presentation on how Boston's subway system was vulnerable to some hacks. However, a judge has left the gag order in place, saying that it will be discussed at a hearing next Tuesday. He also ordered the students to hand over more information.

There's been a long debate in the security community about what is proper "disclosure." There are some who believe that you should wait until a vulnerability is fixed before disclosing it, while others believe that only by disclosing it are people really motivated to fix the vulnerability. However, most of those debates haven't taken place in court -- so this particular case should be quite interesting for those who are involved in security research, no matter which side of the "disclosure" debate you fall on.

Reader Comments

    Clueby4, 14 Aug 2008 @ 10:06pm

    Prior Notice practice is nonsense

    Why do software companies expect such a courtesy? The products they sell are excluded from merchantability. They even claim said right in their dubious, at best, EULAsTOSetc.

    If you agree with the practice of prior notice then you've either have a biased viewpoint, or you're not too bright.

    Should contaminated pharmaceuticals or tainted food get such unrealistic protections.

    Apparently, too many of you enjoy your blissful ignorance and seem to feel that bliss should be forced on everyone else. Or perhaps you might be benefiting from the practice of selling flawed software products and don't find the idea of having it's flaws exposed very palatable.

