Frenchman fined for exploit-posting exploits

March 9, 2005

A Frenchman was found guilty in a Paris court yesterday for publishing exploit code of a company's anti-virus product.

Guillaume Tena, received a suspended fine of €5,000 for publishing both a vulnerability and a proof of concept virus on his website.

Tena, a Harvard University researcher, posted exploits online that pointed to holes in French anti-virus firm Tegam's Viguard anti-virus.Tena justified his actions in an online diary.

"In March 2002, I published on my website a long analysis about this software. This webpage showed how the program worked, demonstrated a few security flaws, and some tests with real viruses," Tena wrote. "I showed that, unlike the advertizing claimed, this software didn't detect and stopped(sic) 100% of viruses."

The suspended fine means that Tena will face further action should he ever repeat his offence.

"To use an analogy, it's a little bit as if Ford was selling cars with defective brakes, if I realized that there was a problem, opened the hood and took a few pictures to prove it, and published everything on my website. And then Ford filed a complaint against me for that," Tena complained.

Tegam is now pursuing a civil case which could see Tena face a fine of up to €900,000.

The time between exploits being published and viruses exploiting those exploits appearing in the wild is approaching hours. In November SC reported virus writers approaching zero day exploits.

www.viguard.com

prestitial ad