Craig Young, security researcher and Tripwire Vulnerability and Exposure Research Team (VERT) member, recently discovered a critical vulnerability in NetGear’s ReadyNAS embedded devices (advisory here).
Despite repeated attempts to follow the responsible disclosure process for these vulnerabilities over many months, Craig was frustrated with NETGEAR’s lack of responsiveness.
Why do technology vendors do their best to ignore security researchers?
Listen to episode 104 of our security slice podcast and hear Craig Young, along with Dwayne Melançon and Tyler Reguly, discuss why this NETGEAR vulnerability is so serious, the grey area between security issues and product bugs, and what tech companies can learn from the food industry.
Young will also be hosting a Google hangout to discuss the vulnerability and his discovery process on Tuesday October 29th at 1PM Eastern / 10AM Pacific. More information on Young’s hangout can be found here.
Click Here to Listen to the Podcast
- Security Slice: Ready or Not ReadyNAS?
- Security Slice: Could Obamacare Cure Healthcare Cyber Security?
- Security Slice: Can Encryption Save Internet Privacy?
- Security Slice: What Did NIST Miss?
P.S. Have you met John Powers, supernatural CISO?
Title image courtesy of ShutterStock