http://www.techworld.com/security/news/index.cfm?newsID=103368 By Jeremy Kirk IDG news service 21 August 2008 Nokia has confirmed that its widely used Series 40 operating system has security vulnerabilities that could allow stealth installation and activation of applications. But the company is evasive on whether it paid €20,000 (£15,854) to researcher Adam Gowdiak of Security Explorations, who wanted payment for the six-month effort spent finding the flaws. Gowdiak would not disclose if he was paid, but said that only reputable, vetted companies that pay would get the full research, which amounted to 180 pages and 14,000 lines of proof-of-concept code. Nokia has a complete copy of Gowdiak's research, said Mark Durrant [cq] of Nokia's corporate communications. The mobile giant's position could rekindle the debate among security professionals on whether voluntary research should be rewarded by vendors whose products are affected. [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Thu Aug 21 2008 - 22:08:54 PDT
This archive was generated by hypermail 2.2.0 : Thu Aug 21 2008 - 22:28:54 PDT