AV firm defends legal action against security researcher
In 2001, Guillaume Tena claimed to have found a number of vulnerabilities in the Tegam's Viguard antivirus software. The company responded by initiating legal action against Tena and the resulting trial means the researcher could face four months in jail and have to pay a 6,000 euro fine. Additionally, Tegam is proceeding with a civil case against Tena and asking for 900,000 euros in damages.
Tegam's behaviour has been heavily criticised by readers of ZDNet Australia and numerous other sites for allegedly ignoring security vulnerabilities in its software instead of fixing them. However, Tegam is adamant that Tena's claims are false and his motives are questionable.
Eyal Dotan, head of research and design at Tegam, told ZDNet Australia that the trial is "more complex than it seems" because it is not just about someone exposing vulnerabilities in its products.
He accused Tena of sending an e-mail to the head of human resources at Tegam saying that their product was worthless and that he was going to prove it.He added that Tena's research was flawed.
"He did very simplistic 'vulnerability' research - by modifying Viguard's executable and data files on Windows 98 and showing that the program doesn't work well anymore," said Dotan.
In March last year, before the trial, Tegam published an article on its Web site discrediting Tena's findings.
According to Tegam's Web site, Tena's research claimed that Viguard uses a heuristic detection method or a signature database to function. The company said both these statements were inaccurate.
"Viguard's main advantage is that it does not need virus signatures to stop infections. Despite this response explaining the facts, the assault against the company continued".
The trial is being held in a Paris court and is expected to conclude on March 8, 2005.