A Frenchman was found guilty in a Paris court yesterday of publishing exploit code for a company’s anti-virus product.
Guillaume Tena received a suspended fine of €5,000 for publishing both a vulnerability and a proof-of-concept virus on his website.
Tena, a Harvard University researcher, posted exploits online that pointed to holes in French anti-virus firm Tegam’s Viguard anti-virus. Tena justified his actions in an online diary.
“In March 2002, I published on my website a long analysis about this software. This webpage showed how the program worked, demonstrated a few security flaws, and some tests with real viruses,” Tena wrote. “I showed that, unlike the advertizing claimed, this software didn’t detect and stopped (sic) 100% of viruses.”
The suspended fine means that Tena will face further action should he ever repeat his offence.
“To use an analogy, it’s a little bit as if Ford was selling cars with defective brakes, if I realized that there was a problem, opened the hood and took a few pictures to prove it, and published everything on my website. And then Ford filed a complaint against me for that,” Tena complained.
Tegam is now pursuing a civil case which could see Tena face a fine of up to €900,000.
The time between exploits being published and viruses using those exploits appearing in the wild is approaching hours. In November, SC reported virus writers approaching zero-day exploits.