1. Home

Core Technologies outs Citect to Associated Press-- is this ethical?

June 11, 2008
As I posted over on Joe Weiss' blog Unfettered, Core Technologies "reported exclusively" to the Associated Press about a buffer overflow vulnerability they found in CitectSCADA. The flaw is repaired, although, once again Core insists that it was "five months" before Citect responded to their notification. They made the same charge against Wonderware a month or so ago...but they didn't...
As I posted over on Joe Weiss' blog Unfettered, Core Technologies "reported exclusively" to the Associated Press about a buffer overflow vulnerability they found in CitectSCADA. The flaw is repaired, although, once again Core insists that it was "five months" before Citect responded to their notification. They made the same charge against Wonderware a month or so ago...but they didn't ever say how they had tried to contact WW or Citect-- sending emails to "info@..." probably won't get there. My continuing problem with this is that I don't think what Core (and the other security companies that gain visibility, advertising, street cred, and whatever else they want in support of additional business) is doing is ethical. Encouraging somebody to exploit a previously unknown (and according to Core, unexploited) vulnerability in Critical Infrastructure seems to me to be a dangerous, and potentially deadly practice. That's what Core is doing-- and they are doing it to advertise their services as a security consultant. If I did that to gain more readership, I'd have people correctly questioning my ethics, you bet.  Walt

Continue Reading

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...

Latest from Home

2412ct_cartoon
Engineer or lab staff pointing on instrument calibration
U.S. election day; people at voting booth at U.S. election station with American flag in background.

Most Read

Sponsored