(Reuters) - A highly anticipated talk on how to identify users of the Tor service, widely used to access the Internet anonymously, has been withdrawn from next month’s annual Black Hat security conference.
Hacking experts disclose vulnerabilities at conferences to alert the public about security flaws, both to pressure developers to fix them and to warn users about products that may not be completely safe.
Yet concerns are sometimes raised as to whether such disclosures are helpful, or harmful, to the public interest.
Here are some examples of other hacking talks that have been pulled from conferences over the past decade:
2013 - Three European computer scientists canceled a talk on
hacking the locks of luxury cars at a prestigious U.S. academic
conference known as USENIX, after Volkswagen AG
obtained a restraining order from a British court. Their paper identified ways to hack into the lock systems of luxury cars, including Porsches, Audis, Bentleys and Lamborghinis.
2008 - Three MIT undergrads canceled a Def Con talk in Las
Vegas on hacking the “Charlie Card” payment cards for Boston’s
subway system after a federal court issued an injunction. A
judge later rescinded the order, allowing the students to go public.
2007 - Security firm IOActive Inc pulled a talk at Black Hat DC on bugs in radio-frequency identification, or RFID, technology,
saying it was pressured to do so by RFID technology firm HID
2005 - Cisco Systems Inc persuaded security firm Internet Security Systems to pull a discussion on hacking routers by researcher Michael Lynn at the Black Hat hacking conference in Las Vegas. On the eve of the conference, Black Hat organizers had workers tear Lynn’s presentation materials out of a printed handbook that was to be distributed to thousands of attendees. Lynn gave the talk anyway. Cisco obtained an injunction blocking further public discussion.
Reporting by Jim Finkle and Joseph Menn; Editing by Jonathan Oatis