Security researchers fired after giving talk to hackers
The pair of security researchers at Salesforce have been dismissed after giving a talk at Defcon regarding a malware testing tool.
Friday 11 August 2017 12:13, UK
Two security engineers at a large American technology company have been sacked after missing a warning text telling them not to give a talk to hackers in Las Vegas.
Josh Schwartz and John Cramb gave a talk to the Defcon security conference about a malware testing tool that had been developed internally at Salesforce, a large American technology company.
The exact cause of their dismissal has not been confirmed by the engineers or Salesforce, but apparently relates to an internal conflict at the company regarding plans to open-source the malware tool.
Lawyers and senior management figures at the company opposed the plans, which would allow other researchers to contribute to the development of its source code.
The open-sourcing of hacking tools has prompted concerns regarding legal liability if the tools are used for malicious purposes.
In a text message seen by Mr Schwartz and Mr Cramb before the talk, a Salesforce executive warned the speakers not to announce the public release of the malware tool.
The unnamed executive reportedly sent another message to the pair 30 minutes before they went on stage to tell them not to give the talk at all.
Mr Schwartz and Mr Cramb said they did not see the message.
They were fired "as soon as they got off the stage", according to ZDNet.
Digital rights organisation the Electronic Frontier Foundation says it is representing Mr Schwartz and Mr Cramb "with respect to their talk at Defon."
"We are not aware of any pending court action," said EFF's general counsel, Kurt Opsahl.
Mr Schwartz and Mr Cramb worked in Salesforce's "red team", an internal offensive hacking department which tests Salesforce's security from within.
As active members of the security research community they were eager to see the tool's source code be made openly available for other red team researchers.
Mr Cramb later tweeted to say that he and Mr Schwartz "both care deeply about MEATPISTOL being open sourced and are currently working to achieve this".
Salesforce, which is listed on the New York Stock Exchange and has a market capitalisation of more than $61bn (£47bn), refused to comment when contacted by Sky News.