More than 300,000 automation systems – covering lighting control, building automation and security, heating and air conditioning and more – need patching after a slew of vulnerabilities in the Tridium Niagara AX went public thanks to an ISC-CERT advisory. The announcement of the vulnerabilities comes nearly synchronously with …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Friday 17th August 2012 01:54 GMT Anonymous Coward

He worked with them for a year to help fix their product

I hope they gave him a little incentive at the end of it all. The other day I watched an interview with the guy who compromised one of the most common hotel keycard locks - he said he never even bothered to contact the vendor because there was no way to fix the issue without replacing ~4 million circuit boards, so (more or less) "[f*ck it]".

Companies really should treat these guys right when they try to be helpful like this.

0 0
1. Friday 17th August 2012 02:38 GMT Franklin
  
  Re: He worked with them for a year to help fix their product
  
  "I hope they gave him a little incentive at the end of it all."
  
  Of course they did. They didn't file charges against him.
  
  1 0
  1. Friday 17th August 2012 13:04 GMT Anonymous Coward
    
    Re: He worked with them for a year to help fix their product
    
    OK so if I somehow stumble across a gaping hole in someone's product that could cause their customers terrible consequences and spend a year of my time working with them to help resolve their issue I should be content that they don't press charges?
    
    ...and we wonder why security in so many products is complete shit.
    
    1 0
Friday 17th August 2012 05:27 GMT Anonymous Coward

Your building still belong anyone

"Union Wharf Condos" in Boston ...

http://75.150.95.122/ord?station:|slot:/Pumps

1 0

This topic is closed for new posts.

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

User topics

Article topics

Tridium patches control systems bug after a year

COMMENTS

He worked with them for a year to help fix their product

Re: He worked with them for a year to help fix their product

Re: He worked with them for a year to help fix their product

Your building still belong anyone

Other stories you might like

US government excoriates Microsoft for 'avoidable errors' but keeps paying for its products

Microsoft squashes SmartScreen security bypass bug exploited in the wild

OpenAI's GPT-4 can exploit real vulnerabilities by reading security advisories

Cisco creates architecture to improve security and sell you new switches

Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online

H-1B visa fraud alive and well amid efforts to crack down on abuse

Japanese government rejects Yahoo! infosec improvement plan

It's 2024 and Intel silicon is still haunted by data-spilling Spectre

Zero-day exploited right now in Palo Alto Networks' GlobalProtect gateways

French issue alerte rouge after local governments knocked offline by cyber attack

Fire in the Cisco! Networking giant's Duo MFA message logs stolen in phish attack

Feds probe alleged classified US govt data theft and leak

About Us

Our Websites

Your Privacy