Feeds

Hacking contest publicity stunt backfires

Spin paramedics called to scene of security disaster

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

A cunning plan by a security firm to publicise its product by challenging hackers to deface a Web site has backfired.

Argus Systems hoped to promote itself at the Infosecurity exhibition in London this week by running a $50,000 competition inviting hackers to break into a Web server protected by its intrusion protection security product, called PitBull.

The competition was supposed to run throughout the week but a team of computer hackers from a Polish group called Last Stage of Delirium (LSD) broke into the target server last weekend to claim the prize.

Argus said the LSD hack was not an exploit of its software but related to a previously unpublicised kernel level vulnerability, related to Solaris on Intel's x86 architecture.

Details of the vulnerability, which Argus said could affect other x86 operating systems, will be publicised when vendors are notified and a fix is available. Solaris on x86 isn't a commercial system for Argus, so the issue affects none of its PitBull customers.

PitBull is designed to provide operating system level security and is supposedly better at preventing the compromise of Internet-facing systems than other kinds of security technology, such as firewalls.

Spinparamedics from Argus yesterday denied that the hacking challenge was a publicity stunt that backfired causing embarrassment for them, as well as security integrator Integralis and hardware vendor Fujitsu Siemens. Argus is a private-held firm and something of a nobby nobody of networking security that seems to be looking for any publicity it can get (good or bad), but we expect better things from (normally technically excellent) Integralis and Fujitsu Siemens.

A spokeswoman for Argus ("all our technical people are back in the States") said that ultimately it had to rely on operating system vendors to make their technology secure. She then claimed that the success of LSD in hacking a system protected by PitBull vindicated Argus' approach that security must start at the operating system level.

This might be true but the hacking challenge has hardly bolstered PitBull's reputation in the market - and a demo of the product running on any kind of server was strangely absent from the Infosecurity show yesterday... ®

External links

Argus' spin on hacking contest

New hybrid storage solutions

More from The Register

next story
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.