Comments on: Researcher faces jail for finding bugs

Frenchman who published exploit codes that could take advantage of bugs in antivirus software allegedly violated copyright law.

[xpgeek11]

total bull

This is bull. It could set a precedent where people, componys, whoever finds em, are not allowed to report security vulnerabilitys in products. This should be laughed out of court.

[xpgeek11]

total bull

This is bull. It could set a precedent where people, componys, whoever finds em, are not allowed to report security vulnerabilitys in products. This should be laughed out of court.

[simcity1976]

About Time

These people do the consumer more harm than good, by showing them how to exploit a flaw rather then tell them that there is flaw.

The only people they should show how to exploit is the company's that own the right's to the development of it.

[simcity1976]

About Time

These people do the consumer more harm than good, by showing them how to exploit a flaw rather then tell them that there is flaw.

The only people they should show how to exploit is the company's that own the right's to the development of it.

[volterwd]

The analogy sucks

if you do that to a ford... it isnt exposing other people to risk its reducing it... but what he did allows third parties access to the bugs which exposes people to risk... what he should have done publicly was to say that the risk was there... and show the company the problems privately... hes not a devil but hes not a saint either

[volterwd]

The analogy sucks

if you do that to a ford... it isnt exposing other people to risk its reducing it... but what he did allows third parties access to the bugs which exposes people to risk... what he should have done publicly was to say that the risk was there... and show the company the problems privately... hes not a devil but hes not a saint either

[Nael]

Open Source is great

If the product has a flaw, fix it, don't punish the person for pointing out regardless if it was made public. Since the product was inferior to begin with, why should the person get punished for pointing out the lack of quality that went into the software.

I think the company that made the software needs to re-evaluate their quaility control before releasing half baked products to the market place.

[Nael]

Open Source is great

If the product has a flaw, fix it, don't punish the person for pointing out regardless if it was made public. Since the product was inferior to begin with, why should the person get punished for pointing out the lack of quality that went into the software.

I think the company that made the software needs to re-evaluate their quaility control before releasing half baked products to the market place.

[Sir Geek]

False Advertising ?

Shouldn't he be able to prove that their ad is false and misleading since it really doesn't find 100% of the virus/etc. ?

[Sir Geek]

False Advertising ?

Shouldn't he be able to prove that their ad is false and misleading since it really doesn't find 100% of the virus/etc. ?

Amazing...

The people that say he should have went to the company are idiots. The company wouldn't have done anything except cover it up because it hurts their bottom line. Even had they fixed the problem they wouldn't have said anything and people that choose not to upgrade would still be at risk.

In this day and age of greedy corporations that only care about money what was done was the only thing that could be done. It happens all the time in the US as it should.

Besides the chances are criminals either already knew about it or would have shortly anyways. How many times has a virus or other bit of crap come out to take advantage of security hole that was never mentioned to the public until after the virus was discovered.

As for telling the public that there was a problem without showing proof, that would have gotten him laughed at for now proving his findings and that would have simply given the company in question the abilitiy to make him out to be a crack pot and then cover it up as I said.

No the only way things like this get fixed are after the world hears about it and sees the proof for themselves. Any country that puts the rights of the company ahead of the consumer for things like that are countries that should be blown off the face of the Earth.

Robert

Amazing...

The people that say he should have went to the company are idiots. The company wouldn't have done anything except cover it up because it hurts their bottom line. Even had they fixed the problem they wouldn't have said anything and people that choose not to upgrade would still be at risk.

In this day and age of greedy corporations that only care about money what was done was the only thing that could be done. It happens all the time in the US as it should.

Besides the chances are criminals either already knew about it or would have shortly anyways. How many times has a virus or other bit of crap come out to take advantage of security hole that was never mentioned to the public until after the virus was discovered.

As for telling the public that there was a problem without showing proof, that would have gotten him laughed at for now proving his findings and that would have simply given the company in question the abilitiy to make him out to be a crack pot and then cover it up as I said.

No the only way things like this get fixed are after the world hears about it and sees the proof for themselves. Any country that puts the rights of the company ahead of the consumer for things like that are countries that should be blown off the face of the Earth.

Robert

Poor Headline

The headline is sensationalistic and down-right misleading. This fellow faces potential jail time for copyright infringement, not for finding bugs.

Poor Headline

The headline is sensationalistic and down-right misleading. This fellow faces potential jail time for copyright infringement, not for finding bugs.

[johnsinhos]

The French Ruling is Myopic

The frech judge ruling is utterly myopic and should be reformed. It disregards the nature of the software in question: AntiVirus.
Since advertised for protection and profiting on that, it is expected to be "bullet-proof" instead of containing bugs.
Any bug-finder, no matter how found, bears the OBLIGATION to blow the whistle to the community.
Okay, Guillermito was a bit stupid publishing the code, instead of communicating Tegam first, for he even could have been rewarded for that. Good with bytes, lousy with people.
But attention: damages are also on the customer's side! Let's spread the word like: Tegam sues Guillermito for US$1.2million and every customer that paid for the software sues Tegam for US$120,000 for damages and false advertising, alternatively demanding the former suit to be dropped immediately. And of course, no jail time unless proven intent on damaging Tegam.
If I were the judge on the civil suit, I would sentence Guillermito on paying not more than four months of his salary to Tegam.

[johnsinhos]

The French Ruling is Myopic

The frech judge ruling is utterly myopic and should be reformed. It disregards the nature of the software in question: AntiVirus.
Since advertised for protection and profiting on that, it is expected to be "bullet-proof" instead of containing bugs.
Any bug-finder, no matter how found, bears the OBLIGATION to blow the whistle to the community.
Okay, Guillermito was a bit stupid publishing the code, instead of communicating Tegam first, for he even could have been rewarded for that. Good with bytes, lousy with people.
But attention: damages are also on the customer's side! Let's spread the word like: Tegam sues Guillermito for US$1.2million and every customer that paid for the software sues Tegam for US$120,000 for damages and false advertising, alternatively demanding the former suit to be dropped immediately. And of course, no jail time unless proven intent on damaging Tegam.
If I were the judge on the civil suit, I would sentence Guillermito on paying not more than four months of his salary to Tegam.