Juniper nixes ATM security talk
- 01 July, 2009 07:08
- Comments
Router maker Juniper Networks has barred one of the company's security researchers from discussing security flaws in Automated Teller Machines after an ATM maker threatened legal action.
Staff Security Researcher Barnaby Jack had been set to deliver a July 30 talk entitled "Jackpotting Automated Teller Machines" at the Black Hat security conference in Las Vegas. But Jack abruptly asked conference organizers to pull the talk on Monday, according to Black Hat Director Jeff Moss. The talk has also been pulled from Black Hat's sister conference, Defcon, he added.
News of the cancellation was first reported by security news site Risky.Biz.
In a statement, Juniper said Tuesday that it made Jack withdraw the talk after an ATM vendor expressed concern that Jack's research could be misused. "Considering the scope and possible exposure of this issue on other vendors, Juniper decided to postpone Jack's presentation until all affected vendors have sufficiently addressed the issues found in his research," Juniper said.
Neither Juniper nor Moss would name the ATM maker that Jack had been studying, but Juniper says it is reaching out to other vendors as well to share information.
According to Jack's description of the talk on the Defcon site, he had found a vulnerability in the underlying software used to run "a line of popular new model ATMs."
"I've always liked the scene in Terminator 2 where John Connor walks up to an ATM, interfaces his Atari to the card reader and retrieves cash from the machine," the Juniper researcher wrote. "I think I've got that kid beat."
The presentation was supposed to "explore both local and remote attack vectors, and finish with a live demonstration of an attack on an unmodified, stock ATM."
According to a source familiar with the situation, Jack had been working with the vendor for the past nine months, but the ATM maker grew concerned that Jack's talk would lead to some bad publicity.
Black Hat talks have been pulled in the past because of legal threats. In 2005 researcher Michael Lynn was told by his employer, Internet Security Systems, to pull a Black Hat talk on router vulnerabilities after Cisco Systems threatened to sue him. Lynn quit and gave the talk anyway.
Within months, he was hired by Juniper.
- Bookmark this page
- Share this article
- Got more on this story? Email TechWorld
- Follow TechWorld on twitter
-
Lenovo ordered to pay €1920 for making French laptop buyer pay for Windows too
-
Wikileaks suspect to face US court-martial
-
Wikileaks suspect to face US court-martial
-
Telstra reports issue with BigPond email accounts
-
Samsung Galaxy S II Android phone
-
Windows 7 for Dummies® Dvd+book Bundle
-
Windows 7 for Seniors for Dummies®
-
Excel 2007 All-In-One Desk Reference for Dummies
-
Windows 7 for Dummies®
-
Computers for Seniors for Dummies, 2nd Edition
-
Office 2007 for Dummies
-
Office 2007 All-In-One Desk Reference for Dummies
-
Teach Yourself Visually Windows 7
-
Microsoft Office
Get exclusive access to Techworld news, reports & analysis. 
Comments
Post new comment