Re: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread Erik Haagsman

On Fri, 2005-07-29 at 19:06, Daniel Golding wrote:

> I hope the leadership at Cisco reflects on this incident and will utilize
> different tactics the next time this happens. Similarly, I hope the
> cybersecurity folks in our governments realize that, while a strong
> relationship with vendors is essential, they must recognize that vendors
> have different goals than they do.

Perhaps more importantly, ISS should try to get its act together and
realise they let a highly skilled and motivated researcher go over
political issues that should have never influenced a true security-driven
company in their decision making.
How on earth are you gonna try to maintain the image of an independent
security company after a clear case of politics and behind-the-scenes
shenanigans like these...?

Erik

-- 
---
Erik Haagsman
Network Architect
We Dare BV
tel: +31.10.7507008
fax: +31.10.7507005
http://www.we-dare.nl






Re: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread Daniel Golding



On 7/29/05 12:56 PM, "John C. A. Bambenek" <[EMAIL PROTECTED]> wrote:

> 
> Remind me why I bother with information security when industry and the
> government seem to want to ensure things can be pwn3d as easily as
> possible...
> 


If the "digital pearl harbor" does come to pass, this won't be remembered as
a shining hour for Cisco, ISS, Homeland Security (which is also in the mix),
or the FBI. 

I hope the leadership at Cisco reflects on this incident and will utilize
different tactics the next time this happens. Similarly, I hope the
cybersecurity folks in our governments realize that, while a strong
relationship with vendors is essential, they must recognize that vendors
have different goals than they do.

The FBI raiding Lynn's house over a commercial dispute is too reminiscent of
Cryptonomicon for me.

- Dan



Re: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread John C. A. Bambenek

Remind me why I bother with information security when industry and the
government seem to want to ensure things can be pwn3d as easily as
possible...

On 7/29/05, Fergie (Paul Ferguson) <[EMAIL PROTECTED]> wrote:
> 
> 
> Now the FBI is investigating Lynn for criminal wrongdoing?
> 
> Kim Zetter writes in Wired News this morning that:
> 
> [snip]
> 
> The FBI is investigating a computer security researcher for criminal conduct 
> after he revealed that critical systems supporting the internet and many 
> networks have a serious software flaw that could allow someone to crash or 
> take control of the routers.
> 
> [and]
> 
> The FBI declined to discuss the case.
> 
> [snip]
> 
> http://www.wired.com/news/politics/0,1283,68356,00.html
> 
> - ferg
> 
> 
> 
> 
> >
> > Over on Boing Boing:
> >
> > [snip]
> >
> > Here's a PDF that purports to be Michael Lynn's presentation
> > on Cisco's critical vulnerabilities ("The Holy Grail: Cisco
> > IOS Shellcode And Exploitation Techniques"), delivered at
> > last week's Black Hat conference. Lynn's employer, ISS,
> > wouldn't let him deliver the talk (they'd been leant on by
> > Cisco), so Lynn quit his job, walked onstage and delivered it
> > anyway. (See yesterday's post and Schneier's take for more).
> > 1.9MB PDF Link
> >
> > [snip]
> >
> > http://www.boingboing.net/2005/07/29/michael_lynns_contro.html
> >
> 
> 


Thanks,
j


RE: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread Fergie (Paul Ferguson)


Now the FBI is investigating Lynn for criminal wrongdoing?

Kim Zetter writes in Wired News this morning that:

[snip]

The FBI is investigating a computer security researcher for criminal conduct 
after he revealed that critical systems supporting the internet and many 
networks have a serious software flaw that could allow someone to crash or take 
control of the routers.

[and]

The FBI declined to discuss the case.

[snip]

http://www.wired.com/news/politics/0,1283,68356,00.html

- ferg




> 
> Over on Boing Boing:
> 
> [snip]
> 
> Here's a PDF that purports to be Michael Lynn's presentation 
> on Cisco's critical vulnerabilities ("The Holy Grail: Cisco 
> IOS Shellcode And Exploitation Techniques"), delivered at 
> last week's Black Hat conference. Lynn's employer, ISS, 
> wouldn't let him deliver the talk (they'd been leant on by 
> Cisco), so Lynn quit his job, walked onstage and delivered it 
> anyway. (See yesterday's post and Schneier's take for more).
> 1.9MB PDF Link
> 
> [snip]
> 
> http://www.boingboing.net/2005/07/29/michael_lynns_contro.html
>