For everyone whinging that they shouldn't have disclosed this to the Chinese government, they didn't!
In fact, they only reported the denial of service (DoS) issue to CERT, who passed it on to CERT-CN. This is the proper and expected behaviour for security researchers.
They did NOT report the observation that discarding resets made the firewall ineffective. The only way that the Chinese government can find out about that is by reading sites like Slashdot.
"He sought compensation but has apparently been told there is no case to answer because there was no fault with the testing procedure."
Seriously, this guy doesn't sound like the nice type at all: he won't cooperate to find out if he holds the key to cure a horific disease and tries to get compensation when it turns out he's healthy!
Slashdot Mirror
For everyone whinging that they shouldn't have disclosed this to the Chinese government, they didn't!
o ring-the-great-firewall-of-china/, Comment #30.
In fact, they only reported the denial of service (DoS) issue to CERT, who passed it on to CERT-CN. This is the proper and expected behaviour for security researchers.
They did NOT report the observation that discarding resets made the firewall ineffective. The only way that the Chinese government can find out about that is by reading sites like Slashdot.
Reference: http://www.lightbluetouchpaper.org/2006/06/27/ign
"He sought compensation but has apparently been told there is no case to answer because there was no fault with the testing procedure."
Seriously, this guy doesn't sound like the nice type at all: he won't cooperate to find out if he holds the key to cure a horific disease and tries to get compensation when it turns out he's healthy!
Holy shit that's cool.
Same problem here in Firefox 1.0.5/Slackware 10.1. Must be a conspiracy, better dig out the tinfoil ;-)
Wow, that thing's actually fast enough to run Windows XP!
... can it throw it back? :-)