Handbags at dawn: Firm reacts badly to Twitter tip-off, minor catfight ensues
An open source security firm has blocked a security researcher who reported flaws in a recently issued patch in an apparent fit of pique.
Hector Martin took to Twitter on Tuesday to note a trivial crashing vulnerability in a recently issued patch by Grsecurity.
“I literally crashed my box by pasting a bunch of text into a terminal, due to a really sad bug in the patch,” Martin said.
In response, Grsecurity acknowledged the issue, which it said would be fixed in the next release.
At the same time it blocked Martin on both Twitter and by IP address.
“The proper fix (aka not yours, Mr. High Horse Captain Obvious) will be in the next patch, but good luck obtaining it,” Grsecurity snarkily responded.
That grsecurity Tweet in full
Grsecurity also blocked anyone who liked or retweeted Martin’s tweet, a reaction that’s unsurprisingly already spawned a lively discussion thread on Reddit.
Developers later said a new patch was available, so top marks for reaction time but demerits for diplomatic fines.
“New test patch up with improved protection against irrelevant infosec anklebiters,” Grsecurity later Tweeted.
Grsecurity’s technology is designed to provide security enhancement to the Linux kernel. ®
Enterprise Integration Pattern (EIP) flashcards