'SQL Slammer' Researcher Rethinks Disclosures

January 30, 2003

[From CRN]

The British computer expert whose research was linked to the weekend's damaging Internet attack pledged Wednesday to reconsider publishing blueprints for attack programs that exploit flaws he discovers in popular software.

Leading researchers have concluded that the software in Saturday's attacks was modified by unknown hackers from blueprints published months earlier by David Litchfield of NGS Software Ltd. The virus-like attack slowed e-mail and Web surfing-and even shut down ATM operations for hours at some large banks.

"One has to question whether the benefits are outweighed by the disadvantages," Litchfield said Wednesday in a telephone interview from his home in London. "I'm certainly going to be more careful about the way in which anything is disclosed."

The article continues at http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=39673