Re: UK ISP threatens security researcher

[Gadi Evron <ge () linuxbox org>]

On Thu, 19 Apr 2007, Will Hargrave wrote:
> Gadi Evron wrote:
>
> > "A 21-year-old college student in London had his internet service
> > terminated and was threatened with legal action after publishing details
> > of a critical vulnerability that can compromise the security of the ISP's
> > subscribers."
> >
> > I happen to know the guy, and I am saddened by this.
>
> In his blog post [1] he did admit to accessing other routers of Be's customers
> using the backdoor password; this is probably [2] a criminal offence in the UK.
>
> I'm not sure I have as much sympathy for him as you do.

The guy basically looked at his own modem, which is what this was all
about. The rest of what he may have done is indeed up to your judgement.

I am generally worried about the trend that is emerging of reporting
security issues resulting in legal threats.

        Gadi.

> [1] http://blogs.securiteam.com/index.php/archives/826
> [2] IANAL