HP Threatens Security Researchers

As mentioned on Politech, HP threatened to sue a team of secuity researchers if they published a flaw in HP’s Tru64 operating system:

In a letter sent on Monday, an HP vice president warned SnoSoft, a loosely organized research collective, that [via the DMCA] its members “could be fined up to $500,000 and imprisoned for up to five years” for its role in publishing information on a bug that lets an intruder take over a Tru64 Unix system. […]

As of now, I’m boycotting HP/Compaq over this. When I replace my aging HP LaserJet 5L, I guess I’ll buy another brand. Or, I may just buy a used HP printer, as HP gets no additional revenue from used sales (their products are fairly decent, after all).

Update: Hmm, it looks like there may have been some misunderstanding, sort of a right-hand-not-knowing-what-the-left-is-doing, as HP is now saying that throwing its weight around, DMCA-style, is not its bag:

Where and how the DMCA should be applied is a matter of great controversy. The reported letter to SnoSoft was not consistent or indicative of HP’s policy. We can say emphatically that HP will not use the DMCA to stifle research or impede the flow of information that would benefit our customers and improve their system security. […]

So, err, nevermind on that “boycott”. Nothing to see here; move along ;).

2 thoughts on “HP Threatens Security Researchers

  1. Hmm, yeah, I might just do that. Of course, I suppose I wouldn’t want to make each item a link (as that would only serve to drive more business to the respective scumbags).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.