Slashdot Mirror

← Back to Stories (view on slashdot.org)

FireEye Tries to Bury Keynote Reporting That It Ran Apache As Root On Security Servers

Posted by timothy on from the doctor-streisand-on-line-one dept.

An anonymous reader writes: Leading network security company FireEye, which has customers in government and the Fortune 500 list, has caused a controversy at a London security conference today after its legal attempts to stop a keynote speech detailing the repair of major security loopholes in its customer-facing systems this year. Reported among these now-fixed vulnerabilities were the running of a significant number of FireEye's Apache-based security servers as 'root' — meaning that any attacker able to compromise the servers would have had absolute power over all its operations and commercial connections.

4 of 108 comments (clear)

  1. What? by Etherwalk · · Score: 5, Funny

    Why is 'root' in quotes? Why is it defined (poorly) as if it were this mysterious thing giving absolute power over "commercial" connections?

    We're not the general public. We're nerds. Don't submit articles written for people who don't know what "root" is.

    1. Re:What? by Anonymous Coward · · Score: 4, Funny

      I run all my security-sensitive services as the "streisand" user

  2. Re:FireEye wanted to conceal IP .. by Anonymous Coward · · Score: 2, Funny

    199.83.131.186 - no big secret.

  3. Re:Amusing coincidence... by l0n3s0m3phr34k · · Score: 3, Funny

    FireEye has replaced nice with "angry". Every thread immediately grabs all the resources it can as soon as it's launched and refuses to give up anything until you reboot every device on the network.