First steps in public relations: when something goes wrong (1) say sorry (2) fix it (3) show how it'll never go wrong again. So, in the software business, when respected security experts uncover a vulnerability in software the company responsible gives a corporate 'oops' and sends out a patch to fix the problem. Now Hewlett Packard - motto: "the power of invention" - has brilliantly innovated a new way to deal with these alerts: they've threatened to sue the people who found the flaw (and who warned HP about it last year, it is claimed).
In a classic case of shooting the messenger, HP sent a letter to Snosoft, a research collective, earlier this week, warning them they could face a $500,000 fine and five years in jail for revealing a major flaw in its ageing Tru64 Unix operating system. The move is being made under the US Digital Millennium Copyright Act.
