Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Finds Flaw With Black Hat Video Stream

Posted by timothy on Sunday August 1, 2010 @05:55PM from the fair-play dept.

An anonymous reader writes "Mozilla web security researcher Michael Coates found a flaw in Black Hat's paid video feed. The flaw allowed him to watch a live feed of the conference for free instead of the $395 a head to connect. Unlike many presenters at Black Hat, Michael responsibly disclosed the flaw to organizers, who quickly fixed the issue."

2 of 106 comments (clear)

Min score:

Reason:

Sort:

responsibility by Anonymous Coward · 2010-08-01 18:14 · Score: 3, Interesting

The responsibility aspect is one area where the Black Hat guys could earn a lot of respect by doing the right thing. It's a dick move to just disclose stuff without giving companies a chance to fix their mistakes, no matter how stupid it is.
Responsible Disclosure by TXISDude · 2010-08-01 18:58 · Score: 5, Interesting

As one who has attended many BlackHat conferences - I take offense to the line "Unlike many presenters at Black Hat, Michael responsibly disclosed the flaw to organizers, who quickly fixed the issue" In my experience, BlackHat presenters have followed responsible disclosure - including this year's high profile ATM exploit talk, which, for instance can not be replicated by those in attendence (proof was given that it can be hacked, but the sourcecode was not released) - and the industry certainly knew it was coming for > 1 year - and the end of the presentation gave simple directions about how to mitigate the issues. . .

--
Hope is the worst of evils, for it prolongs the torment of man. -- Friedrich Nietzsche