Gag Order Fuels Responsible Disclosure Debate

jvatcw writes "The Boston subway hack case has exposed a familiar rift in the security industry over responsible disclosure standards. Many see the temporary restraining order preventing three MIT undergrads from publicly discussing vulnerabilities they discovered in Boston's mass transit system as a violation of their First Amendment rights. Others, though, see the entire episode as yet another example of irresponsible, publicity-hungry security researchers trying to grab a few headlines." We discussed the temporary restraining order last weekend, and later the EFF's plans to fight it. CNet reports that another judge has reviewed the order and left it intact. Reader canuck57 contributes a related story about recent comments by Linus Torvalds concerning his frustration over the issue of security disclosure.

Hehe...

You said gag.

Obligitory Johnnie Cochrane

[inKubus]

"If anyone else knows, you must disclose."

Re:Obligitory Johnnie Cochrane

[Tuoqui]

"If your security is shit, you must gag it"

The REAL lesson is: next time, use Wikileaks

Post it to wiki:

http://wikileaks.org/

Then, if some moron complains, point him/her to this article. No good deed goes unpunished, so to hell with them.

In a realated Story

[arthurpaliden]

In a related story it appears the Judge's home was broken into and ransacked and several irreplaceable articles were stolen and destroyed without anyone knowing even though it has an activated alarm and security locking system. It appears that there was a flaw in the system that enabled the perpetrators bypass it. This flaw was know to security researchers however they were under a gag order and were not permitted to release this information to the general public. The gag order was applied for by the company because âoeif the general public knew about the flaw it would impact our revenue streamâ.