disclose / research-threats

Collection of legal threats against good faith Security Researchers; vulnerability disclosure gone wrong. A continuation of work started by @attritionorg
https://threats.disclose.io/
Creative Commons Zero v1.0 Universal

Keeper Security threatened Dan Goodin #45

Closed attritionorg closed 1 year ago

attritionorg commented 1 year ago

https://www.zdnet.com/article/security-firm-keeper-sues-news-reporter-over-vulnerability-story/

sickcodes commented 1 year ago

Added | 2017-12-20 | Keeper | Dan Goodin | Keeper sues reporter over vulnerability story | On December 14, 2017, Tavis Ormandy reported on Google's Project Zero about a concern that Windows came pre-installed with a copy of Keeper password manager. Moreover, he published screenshots of a PoC and showed that the pre-installed software came with a vulnerability that could be used to potentially perform "drive-by" password theft. Subsequently, Dan Goodin covered this story in Ars Technica. Keeper obviously did not like the original version of Goodin's story and demanded a trial by jury, alleging that the article contained "false statements" and was missing facts. Keeper argued in the court filing that Goodin failed to speak to Keeper before writing about a bug tracker post about vulnerabilities in the Keeper password manager that came pre-installed with Windows. Keeper even tried to argue that although it was pre-installed on the computer, the customer had to "use the software" to be vulnerable. As of 2017, software is designed to be used. [Case number 1:17-cv-09117] |