Juniper's Researcher Barnaby Jack was to present a talk on how a flaw into ATMs of a particular vendor can be exploited. The talk was to be presented into BlackHat Las Vegas. The show was cancelled on the request of the affected vendor which sought some time to fix up the flaw. Juniper too agreed that the talk would have far reaching impact on ATM security. They are offering help to ATM vendors to fix up the flaw found in Jack's research.
This is not the first time a Black Hat presentation was withdrawn. In 2005, Cisco and Internet Security Systems (ISS), now owned by IBM, threatened to sue researcher Michael Lynn just hours before he was to deliver a talk about vulnerabilities in the Cisco IOS. Lynn quit his job at ISS and proceeded anyway. Soon after, he settled with the two companies, essentially promising not to further discuss the exploit.
Last year Jeremiah Grossman and RSnake too delayed their presentation on Clickjacking after they received request from Adobe.
In 2007, security services consultant IOActive bowed to pressure from HID Global to withdraw its presentation. IOActive's director of research and development, Chris Paget, had planned to demonstrate security weaknesses in HID's RFID technology.
This is not the first time a Black Hat presentation was withdrawn. In 2005, Cisco and Internet Security Systems (ISS), now owned by IBM, threatened to sue researcher Michael Lynn just hours before he was to deliver a talk about vulnerabilities in the Cisco IOS. Lynn quit his job at ISS and proceeded anyway. Soon after, he settled with the two companies, essentially promising not to further discuss the exploit.
Last year Jeremiah Grossman and RSnake too delayed their presentation on Clickjacking after they received request from Adobe.
In 2007, security services consultant IOActive bowed to pressure from HID Global to withdraw its presentation. IOActive's director of research and development, Chris Paget, had planned to demonstrate security weaknesses in HID's RFID technology.
Comments