Dutch Chipmaker Sues To Prevent Researchers From Publishing Info About Security Flaws
from the security-by-obscurity? dept
NXP Semiconductors, which was formerly Philips Semiconductor division, is suing some researchers to prevent the publication of a paper outlining the security flaws in smartcards made by NXP. These smartcards are widely used for transit systems and building locks. Of course, the fact that these cards have been insecure has actually been known for quite some time. Rather than fixing the problem, though, NXP spent plenty of effort denying any problem existed. Now that multiple researchers have demonstrated that the problem really does exist, NXP is claiming it hasn't had enough time to fix the problem, and thus is suing to prevent publication.Of course, if NXP hadn't wasted so much time insisting there was no problem, perhaps it would have been closer to a fix. And, most importantly, those who are looking to use this vulnerability already have access to it. Publication in a journal isn't going to alert criminals -- they already know about it. What it could do, however, is get more researchers helping on a solution. But, apparently, NXP would rather pretend that if they keep the details hidden, they can pretend there is no problem.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: disclosure, lawsuits, security, smart cards
Companies: nxp semiconductors
Reader Comments
Subscribe: RSS
View by: Time | Thread
Next, Voting Machines
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What's the claim?
[ link to this | view in chronology ]
Don't play hardball when you're the one who will lose
Obviously the group that discovered the problem alerted the company, have them time to fix, no fix is available (the problem isn't always easy or quick) but NXP should have made a plea to hold back, but instead they're resorting to hardball tactics, and I say you fight fire with fire, release the hounds!
[ link to this | view in chronology ]
Re: Don't play hardball when you're the one who will lose
[ link to this | view in chronology ]
here we go again
[ link to this | view in chronology ]
security is too important ...
[ link to this | view in chronology ]
after it's broken, it keeps that way
[ link to this | view in chronology ]