Security Firm Keeper Sues News Reporter Over Vulnerability Story

Zack Whittaker, writing for ZDNet: Keeper, a password manager software maker, has filed a lawsuit against a news reporter and its publication after a story was posted reporting a vulnerability disclosure. Dan Goodin, security editor at Ars Technica, was named defendant in a suit filed Tuesday by Chicago-based Keeper Security, which accused Goodin of "false and misleading statements" about the company's password manager. Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy, who said in a vulnerability disclosure report he posted a day earlier that a security flaw in Keeper allowed "any website to steal any password" through the password manager's browser extension.

Paging Ms Streisand...

[Harold+Halloway]

Is there a B. Streisand in the house?

Keeper has no case

[techdolphin]

This is an attempt by Keeper to shut down critical articles. While Ars Technica and Dan Goodin must respond, Keeper has no case. To prove libel, the plaintiffs must prove that publication or writer purposely wrote false statements or had malicious intent. Goodin quoted a security expert, and was reporting on the expert's opinion. Keeper will lose and lose big.

Not buying it now!

[Thruen]

I'm actually in charge of finding a new password manager for the small business I work at and Keeper was one of the few I'd narrowed my choices down to. They just knocked themselves off that list. My company is small and that's no huge loss for them, but I know I'm not the only person making that choice. Now, had they responded to this stating they're temporarily disabling the browser extension while they work on a fix, they'd still be on the list. When are companies going to learn that trying to shut down bad publicity is the worst publicity of all?