Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/20/2012
11:13 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Partners With The Electronic Frontier Foundation To Support Researchers At Black Hat USA 2012

EFF has been providing legal advice to security researchers at Black Hat since 2008

SAN FRANCISCO, July 20, 2012 /PRNewswire/ -- Black Hat, the world's leading family of information security events, today announced that the Electronic Frontier Foundation (EFF) will provide pro-bono legal consultations to security researchers at its annual Black Hat USA 2012 conference, happening July 21-26 in Las Vegas. For more information and to register for the event, visit www.blackhat.com.

Click here for more of Dark Reading's Black Hat articles.

EFF, a non-profit civil liberties organization dedicated to defending free speech and privacy rights online, has been providing legal advice to security researchers at Black Hat since 2008, when it first unveiled its Coders' Rights Project. The Coders' Rights Project provides legal services to help security researchers exercise their First Amendment right to speak on the vulnerabilities they discover and helps facilitate vulnerability disclosure of newly-found security flaws.

"Black Hat's partnership with EFF is of tremendous importance to the core tenants of Black Hat, helping us fulfill the promise of releasing research in an open community environment," said Trey Ford, General Manager of Black Hat. "By having EFF on board, Black Hat's speakers can confidently make their presentations, knowing they have full support from a legal perspective. We're extremely grateful to EFF for this invaluable service they are providing to the Black Hat community."

The Coders' Rights Project protects programmers and developers engaged in cutting-edge exploration of technology. EFF regularly counsels security researchers to help them navigate the legal issues that might impact their work, and in some cases, will contact a software vendor on the researcher's behalf, to allow for anonymity and ensure vulnerabilities are reported quickly and safely.

"The Black Hat Las Vegas event has always been known as a place where security researchers can come together to share their knowledge and break their findings on the critical security vulnerabilities they have discovered," said Marcia Hofmann, Senior Staff Attorney at EFF. "Our team at EFF is pleased to provide pro-bono legal consultations to help this community. Our goal is to facilitate the expedient disclosure of cutting-edge, boundary-pushing research while protecting the rights of those who do it."

EFF will have a private room available for speaking with security researchers at Black Hat. Their attorneys will be onsite to provide legal information on reverse engineering, vulnerability reporting, copyright law and free speech. For more information or if you would like to get in contact with an attorney at EFF, please contact: [email protected]

Black Hat USA 2012 will feature nine concurrent tracks every day -- including many talks that reveal previously undiscovered security threats and vulnerabilities – as well as workshops, roundtables and cutting edge presentations by top security experts. Deep technical training will take place July 21-24, while the open briefings will run from July 25-26. Registration for the event is still open. Online registration closes July 20. To request media credentials to the event, please visit: http://bit.ly/BHUSAmedia.

Follow Black Hat on Facebook; Black Hat on LinkedIn; #BlackHatEvents on Twitter; Black Hat Events on Flickr.

About The Electronic Frontier Foundation

The Electronic Frontier Foundation is the leading organization protecting civil liberties in the digital world. Founded in 1990, EFF defends free speech online, fights illegal surveillance, promotes the rights of digital innovators, and works to ensure that the rights and freedoms we enjoy are enhanced, rather than eroded, as our use of technology grows. EFF is a member-supported organization. Find out more at https://www.eff.org.

About Black Hat

Black Hat provides briefings and training to leading corporations and government agencies around the world. Black Hat differentiates itself by working at many levels within the corporate, government, and underground communities. This unmatched informational reach enables Black Hat attendees to be continuously aware of the newest vulnerabilities, defense mechanisms, and industry trends. Black Hat Briefings and Trainings are held annually in Europe and Las Vegas. Black Hat is produced by UBM TechWeb. More information is available at www.blackhat.com.

About UBM TechWeb

UBM TechWeb, the global leader in technology media and professional information, enables people and organizations to harness the transformative power of technology. Through its three core businesses – media solutions, marketing services and paid content – UBM TechWeb produces the most respected and consumed brands and media applications in the technology market. More than 14.5 million business and technology professionals (CIOs and IT managers, Web & Digital professionals, Software Developers, Government decision makers, and Telecom providers) actively engage in UBM TechWeb's communities and information resources monthly. UBM TechWeb brands include: global face-to-face events such as Interop, Black Hat and Enterprise Connect; award-winning online resources such as InformationWeek, Dark Reading, and Network Computing; and market-leading magazines InformationWeek, Wall Street & Technology, and Advanced Trading. UBM TechWeb is a UBM plc. company, a global provider of news distribution and specialist information services with a market capitalization of more than $2.5 billion.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
The Data-Centric Path to Zero Trust
Altaz Valani, Director of Insights Research, Security Compass,  1/13/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).