Roberto Preatoni

Following the arrest of Roberto Preatoni last year, there has been numerous speculations about the WabiSabiLabi project (where exploits are sold to the highest bidder - a kind of QXL for hackers). 

As Roberto is a professional, he and his team has spent time considering the risks and benefits of keeping him as the public figure of the project. After careful considerations, they have decided that the benefits are greater than the risks, and Roberto stays.

This is a normal process for any company in crisis. I am not a fan of WabiSabiLabi - although I do hear the arguments - but I am a fan of people being professional. Thus, I welcome Roberto back into the public light! 

The background is found here. Short:

Roberto is a well known and respected security guy from Italy. He did a consulting job for the Telecom Italy, where he took part in the Tiger team back in 2003-2003. The Tiger Team where there to do pentesting. Some of the Tiger team members where arrested in January 2007, accused of spying. Now Roberto got arrested on the same charges.

This list is with newest first – as I have found them, or they have been reported to me. If you know other sources not yet covered, please add your comments! I will try to keep this list up to date.

Nov. 10: A Spannish (I guess) blog on security covers the news. Just a quick background on Roberto.
John Dunn blog offers some thoughts.

Nov. 6. - 9: 

Edit: A good quality Techworld update - still nothing new.

Edit: Microsoft want Roberto at Blue hat!
Italian version of same news. And at the TeckNudge.

Edit: A few more coverages:

• Matasano has some very relevant questions.
• From CSOOnline.
• Buzzworld-compliant offers a link to the eweek post (see below).
• The Register has a pasteup here.

• eWeek covers the case here. A nice article that gives some background.
• This blogpost from Spoonfork at security.org.my offers a couple of highly relevant questions on security in general. Nothing new about the case, though.
• Planet-Websecurity offer some details, but nothing new. The article is copied from Sunnet Beskerming.
• Techworld covers it (seems like cut’n’paste of the Computerworld story)
• Ryan Naraine at Zdnet.com did some more digging.
• Security.nl posted this article. Translation is needed, but it seems like it is just a summery of the same we know at this stage.
• Digi.no (Norwegian) with some more details.
  Including that Roberto was on his way to the Paranoia conference in Norway. I am posting an update on this after I have talked to Arnfinn Roland, the guy who had to step in for Roberto.
• Computerworld who brought the news to the world.
• Dave Lewis had a short cover of the same.
• The news was first broken (to me) by Alex Echelberry over at Sunbelt.

Calling all security bloggers! We need to look into the Roberto case! 

Background:

I read the news about Roberto Preatoni over at the Sunbelt blog today. And I just have to make some comments. 

Alex has a nice writeup on the background on Roberto. And he use the background as proof that Roberto is clean. 

Let us take a look at the news side of things:

• Roberto is arrested by Italian police on spy charges
  
• He was hired by Telecom Italy to test their security
  
• His team decided to sip from the bowl, and 4 where arrested and charged with spy charges in January 2007 (they intercepted and hacked into communication of some quite prominent people)
  
• Italy is a country where media, politics, power and criminals/mafia walks hand-in-hand

In other words, if you mess things up, or create enemies at the wrong places, you are likely to get arrested. And if arrested, your rights are not the best anymore.

Anyway. Even in Italy, the police do follow rules, and they are not likely to fabricate evidence. Thus, Roberto most likely made a mistake - or did what they are accusing him of.

The challenge for the rest of us now is to filter out the relevant information. And keep the good work of Roberto alive. And hope he is wrongly accused and soon to be released. 

Just imagine how it would be to be in his shoes now. Working as he was for the good side (no evidence exists that he worked for the foes, as far as I know).

And suddenly he gets arrested. 

Let us help Roberto back out of jail. Together, there are many security bloggers out there - I bet some of you even know Roberto. Let us find out what is going on, and how we can help him!