Slashdot Mirror


GameSpy Sends DMCA-Based C&D To Security Researcher

chowbok writes "Luigi Auriemma has found several security holes GameSpy software over the past few months. He has reported them all to GameSpy but never got a response... until today, when he got a threatening letter from their lawyers. It says he's violating the DMCA, he needs to cease-and-desist, yadda yadda yadda." Update: 11/12 21:09 GMT by S : GameSpy has now posted an official response from the company's founder, Mark Surfas.

5 of 479 comments (clear)

  1. Wow by Kierthos · · Score: 4, Interesting

    I didn't think it was possible, but my opinion of Gamespy just went even lower. If it wasn't for them hosting old Nodwick strips, they'd have no redeeming values at all.

    I mean, let's face it, anyone who wants to exploit Gamespy's servers probably already knows how to do so, this guy's bug reports notwithstanding...

    Kierthos

    --
    Mr. Hu is not a ninja.
  2. DMCA Wall O' Shame by pclminion · · Score: 5, Interesting
    Is there a site out there like a "Wall of Shame" where we can go to see a list of fuckheads who have C&D'd people using the DMCA as a threat?

    It would be nice to have a list of all of them all in one place so I can make sure to never ever pay money to any organization that has used the DMCA against someone.

  3. Full disclosure wins by Pac · · Score: 4, Interesting

    I think it also settles the question about full and limited disclosure. Limited disclosure is clearly a tool that allows lazy admins and developers to sit on their lazy asses while their company lawyers shoot the messengers.

    What is needed now is an "official" infrastructure (mailing list/site/IRC channel/whatever) harboured somewhere with sensible laws and clearly geared toward transparent evaluation, discussion and discovery of security bugs in public software. Developers, admins and security experts welcomed, no matter their colour of their hats.

  4. Re:Hear that? by IA-Outdoors · · Score: 4, Interesting

    Also, it's probably worth noting that incidents like this kill a companies credibility in the various security circles. So, on the upside, I now know to avoid GameSpy software which should have their marketing people trying to figure out how to do damage control on this. Don't underestimate the power of being /.'d

    --
    You never saw a fish on the wall with its mouth shut.
  5. Re:Send some love by dboyles · · Score: 4, Interesting

    About 90% of the posts prior to mine say something to the effect of, "If he hasn't contacted them, how could he have harassed them?" I think the objective thing to do is at least consider the fact that Gamespy could be telling the truth. Most posts related to this response are really dealing with semantics. This response from "Mark" was obviously almost casual in nature, so it's not a stretch to think that he may have accidentally contradicted himself with his words.

    I admit that the way most of these things work out, it's likely that the company is in the wrong (not responding to bug disclosure and overreacting when the exploits get posted). But don't take everything you read on Slashdot as gospel.

    Before you flame put yourself in the other guy's shoes, and before you mod me down consider if you're doing it because you disagree with me.

    --
    -- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear