Hi Sid,
Congrats on The Register.
I fully agree with full disclosure, but also following the governing rules of the security industry. However, that is a different discussion
As to the case – the reactions of the ISP is only too common. They get pissed off, and starts shooting the messenger because they know not what to do. I have given them, and others, some tips on how to react to similar events in the future on my blog.
Keep up the good work – now that you have learned that full disclosure is a truth with limits
Kai

Sid as I posted on the original blog – If you need any support in terms of proof – I have a copy of an email sent on the 16th March 2006 to Brett Coles @ Be pointing this backdoor out to them.

The statement Dana Pressman made last night on their official forum looks distinctly libellous to me.

Sid – I got two reply’s from Brett … both completely missed the point! I will admit that in my email to him I didn’t explain the consequences that thoroughly, but is that my job as a customer?

The first reply confirmed that he passed it to Shyam (their head of tech), the second contained this gem :

“I have asked Shyam to reply to this email direct to me so I can give more info on this topic, however this information is between us at this point and no official response will be sent until Tuesday (as I am traveling back to UK at this point)”

Needless to say I never heard another thing on the matter. That email was dated 17/3/06

Dan