By Darren Pauli, 8 May 2014
Lawyers say security giant should have paid before it unleashed slurping scripts
Intel security subsidiary McAfee may be in hot water after it allegedly scraped thousands of records from the Open Source Vulnerability Database instead of paying for them.
The surreptitious slurp was said to be conducted using fast scripts after McAfee formally inquired about purchasing a license to the data.
Those scripts, OSVDB said in a blog post, deliberately subverted security controls design to protect the database by rapidly changing the user agent.
A fed-up OSVDB staffer took to the website's blog to out McAfee and Spanish infosec firm S21Sec which also hoovered up vulnerability data after being told such access was a paid service.
Full Article
McAfee accused of McSlurping Open Source Vulnerability Database
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.