@Stake pulls pin on Geer: Effect on research and publication

From: Patrick J. Kobly (patrick_at_kobly.com)
Date: 09/26/03

Next message: Stan Bubrouski: "Re: LanSuite 2003 - Multiple Vulnerabilities"

Previous message: Richard M. Smith: "RE: [Full-Disclosure] CyberInsecurity: The cost of Monopoly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 26 Sep 2003 09:45:18 -0600
To: bugtraq@securityfocus.com

CNET is reporting that @Stake fired Dan Geer yesterday:

http://news.com.com/2100-1014_3-5082649.html

Over a recent CCIA report coauthored by him, and released Wednesday:

http://www.ccianet.org/papers/cyberinsecurity.pdf

@Stake's comments - "The values and opinions of the report are not in
line with @Stake's views" explaining Geer's termination are concerning
for a company that claims "we must not be afraid to take things apart,
understand how they work, and share that information with the world."
[http://www.atstake.com/research/]

It should be noted that the CCIA report tries to examine the Microsoft
desktop monopoly, and its effect on the security of the Internet and
the digital world at large. This is in direct line with @Stake's
stated research objectives. The fact that the conclusions drawn may
not be the same as those drawn by other @Stake researchers does not
justify silencing this discussion.

@Stake and other security companies and organizations need to act now
to encourage discussion of root causes of insecurity on the net - even
if these causes are not fundamentally technical in nature. It is, in
fact, these causes - the political and economic ones - that are the
most difficult ones to fix. As a result, it is these factors that
must be brought into the public eye, exposed to more scrutiny, so that
we may address them.

What @Stake has done here is simply confirm to other security
researchers that the publication of unpopular research will directly
affect their pocketbooks. @Stake has set researchers' financial
security and job security at odds with their professional ethics and
research standards. Will the next researcher working at @Stake or
Symantec, or Security Focus hesitate to publish controversial research
because he is worried for his financial well-being?

-- 
"I am committed to helping Ohio deliver its electoral votes to the
President next year."
  -- Wally O'Dell - CEO of Diebold, Inc. (One of the largest American
  manufacturers of election machinery)

application/pgp-signature attachment: stored

Next message: Stan Bubrouski: "Re: LanSuite 2003 - Multiple Vulnerabilities"

Previous message: Richard M. Smith: "RE: [Full-Disclosure] CyberInsecurity: The cost of Monopoly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: [fw-wiz] @Stake CTO fired for Microsoft comments
... Something tells me that @Stake goofed up big time on this one. ... warmed the heart of every Entrepreneur and Security Geek out there. ... >> Dan's never been afraid to tell the truth. ... sure the truth was NOT misinterpreted as the opinion of their employers. ...
(Firewall-Wizards)
Re: This Call COULD Be Monitored ...No big deal
... >> PotUS is Commander in Chief and can order such when national ... >> security is at stake. ...
(misc.consumers)
Re: This Call COULD Be Monitored ...No big deal
... > PotUS is Commander in Chief and can order such when national ... > security is at stake. ... but right wingnuts like you don't want to be ...
(misc.consumers)