Newsletters

Select newsletters below and click the button to sign up!

Boston News NY News
DC News Internet Daily
SiliconValley News
InternetNews Business Report




Become a Marketplace Partner


Partner With Us


Internetnews Bloggers

Recent Entries

Archives

July 2009
Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Monthly Archives

Search The Blog

Netstat -vat by Sean Michael Kerner (bio)

A command line view of IT



Juniper pulls ATM Jackpot talk from Black Hat

By Sean Michael Kerner on June 30, 2009 4:35 PM
juniperwhite.jpg
From the 'Black Hat mythos grows' files

The Black Hat security conference is one that has a certain mystique surrounding it - which has been fuelled in recent years by controversial talks that get pulled. This year will be no different.  A presentation on how to hack ATMs, titled, 'Jackpotting Automated Teller Machines' has been pulled from the 2009 event set for July.

The session was going to be delivered by Barnaby Jack, a Juniper Networks security researcher. Juniper (which is a vendor I cover in both the enterprise and service provider networking space) decided after getting some pressure from the at-risk ATM vendor to have Jack pull his talk.

Juniper however is still standing by Jack and his research.
"Juniper believes that Jack's research is important to be presented in a public forum in order to advance the state of security," Juniper said in a statement emailed to InternetNews.com. "However, the affected ATM vendor has expressed to us concern about publicly disclosing the research findings before its constituents were fully protected."
That doesn't mean we won't eventually get to hear Jack's talk -- it's just that it won't be disclosed at Black Hat this summer.

"Considering the scope and possible exposure of this issue on other vendors, Juniper decided to postpone Jack's presentation until all affected vendors have sufficiently addressed the issues found his research," Juniper stated.
This is a real win-win for Juniper and Black Hat in my view.

I had speculated earlier this month that a session on hacking parking meters would be the likely candidate to be pulled. This just adds to that mystique/mythos about Black Hat being a place where serious (and potentially dangerous) IT security issues are exposed.

From a Juniper point of view - it shows that they are (obviously) comitted to responsible disclosure, but more importnatly perhaps - it shows that they have a serious security research group. Juniper isn't just a networking vendor, they've got a Black Hat headline-worthy security research group too.

Who know, it could ultimately make Juniper a few dollars too as they work to help the vendors fix their issues (and hey maybe they need some networking gear too..)
"As always, Juniper is committed to the responsible disclosure of security vulnerabilities," Juniper stated. "We are reaching out to other ATM vendors with the offer to assist them with promptly and diligently addressing the security risks and vulnerabilities uncovered in Jack's research."

| Comments (0) | TrackBacks (0) | Share

Tags:

0 TrackBacks

Listed below are links to blogs that reference this entry: Juniper pulls ATM Jackpot talk from Black Hat.

TrackBack URL for this entry: https://swarm.jupitermedia.com/mt-tb.cgi/8386

Leave a comment