• 12/21/2006
    1:55 AM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Tempest in a Tape Encryptor

NeoScale accuses rival Decru of scare tactics in publicizing CERT advisory
NeoScale downplayed a vulnerability note issued by the U.S. Computer Emergency Readiness Team (CERT), saying it already fixed the problem and accused a rival of exaggerating the risk.

CERT's warning this week detailed a flaw in the authentication process of NeoScale Systems CryptoStor 700 tape encryption appliances. NeoScale CEO Barbara Nelson dashed off a note to media and analysts today saying the vendor fixed the problem in the latest version of its firmware released this month and blamed competitor Decru for sending out misleading information to scare off customers. The CERT note confirmed that NeoScale's latest release addresses the vulnerability.

Decru, a division of Network Appliance, and NeoScale are the major tape encryption appliance vendors. (See Review: Tape Encryption Devices and NetApp Buys Decru.)

CERT, part of the U.S. Department of Homeland Security, collects and manages computer security threats.

"CERT characterized this vulnerability as one that could allow a malicious user to bypass additional two-factor authentication if [her emphasis] they had knowledge of a security officer's user ID and password," Nelson said in her letter.

Log in or Register to post comments