By Stephen Downes
April 15, 2003
Court Blocks Security Conference
Talk
It's hard to say which is more ridiculous,
the idea that Blackboard thought that the two students
constituted "competition" or that Blackboard felt that the
best response to a security breach - apparently known since
last September - was to file a lawsuit banning a conference
presentation.
By John Borland, CNet, April 14, 2003
[Refer][Research][Reflect]
Cease and Desist Letter Sent to Interz0ne
II
Text of the order sent to Interzone
conference organizers and the presenters barring the talk.
"Blackboard hereby requests that you immediately cease and
desist from any disclosure of information noted above, or
any facilitation of that disclosure, including but not
limited to, the disclosure of signals captured, the
releasing of code, the development of functional readers,
and hardware specs to wire the readers and control
circuits." By Gregory S. Smith, Sutherland, Asbill, &
Brennan, LLP, April 11, 2003
[Refer][Research][Reflect]
Backboard, Inc. v Billy Hoffman and Virgil
Griffith - Verified Complaint
PDF of the
complaint filed by Blackboard. Quoting Hoffman: "If
Blackboard doesn't make their system more secure, or tell
people how to secure it, I'll simply make compatible ones
myself and give them away." By Superior Court of Dekalb
County, State of Georgia, April 14, 2003
[Refer][Research][Reflect]
Backboard, Inc. v Billy Hoffman and Virgil
Griffith - Order
PDF of the restraining order
filed by a Georgia court. By Superior Court of Dekalb
County, State of Georgia, April 12, 2003
[Refer][Research][Reflect]
CampusWide: Overview and
Exploits
Google cache version of the Power Point
slides accompanying the talk. The original has been taken
down as a result of the court order (do I even need to
comment about how futile a gesture that was?). Note:
because the CSS is not captured by the Google cache, you
need to click on 'Edit' - "Select All' in order to view the
text (in Internet Explorer). The slides provide a pretty
detailed description of the vulnerabilities. By Acidus,
Interz0ne, April 11, 2003
[Refer][Research][Reflect]
Blackboard Campus IDs: Security Thru Cease &
Desist
Slashdot article (good read) and
discussion of the case. "On Saturday, instead of the talk,
attendees got to hear an Interz0ne official read the Cease
and Desist letter sent by corporate lawyers. The DMCA,
among other federal laws including the Economic Espionage
Act, were given as the reasons for shutting down the talk.
I spoke with Virgil this morning. Virgil was there two
years ago when Dmitri Sklyarov was arrested and led away in
handcuffs at Def Con 9. He's not in handcuffs now, but in
speaking to me, he had to stop and think about everything
he said, and every third answer was 'I really shouldn't
talk about that.'" By jamie, Slashdot, April 14, 2003
[Refer][Research][Reflect]
Acidus.Org
Personal website of one
of the students involved with an outline of the proposed
talk. Note that the student previously talked on the same
subject in September, 2002. "The signals to and from
several BlackBoard readers have been captured, as well as
how data is stored on the cards. Using this knowledge
Virgil and I have created a drop-in compatible reader, that
will work with an existing RS-485 network. Computer code to
emulate any reader made as well as hardware specs to wire
the readers and control circuits will be launched. By
Acidus, April, 2003
[Refer][Research][Reflect]
InterZone
Conference website. By
Various Authors, April, 2003
[Refer][Research][Reflect]
Know a friend who might enjoy this newsletter?
Feel free to forward OLDaily to your colleagues. If you
received this issue from a friend and would like a free
subscription of your own, you can join our mailing list
at
http://www.downes.ca/cgi-bin/website/subscribe.cgi
[
About This NewsLetter] [
OLDaily Archives]
[
Send me your comments]