RE: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread Fergie (Paul Ferguson)


Now the FBI is investigating Lynn for criminal wrongdoing?

Kim Zetter writes in Wired News this morning that:

[snip]

The FBI is investigating a computer security researcher for criminal conduct 
after he revealed that critical systems supporting the internet and many 
networks have a serious software flaw that could allow someone to crash or take 
control of the routers.

[and]

The FBI declined to discuss the case.

[snip]

http://www.wired.com/news/politics/0,1283,68356,00.html

- ferg




 
 Over on Boing Boing:
 
 [snip]
 
 Here's a PDF that purports to be Michael Lynn's presentation 
 on Cisco's critical vulnerabilities (The Holy Grail: Cisco 
 IOS Shellcode And Exploitation Techniques), delivered at 
 last week's Black Hat conference. Lynn's employer, ISS, 
 wouldn't let him deliver the talk (they'd been leant on by 
 Cisco), so Lynn quit his job, walked onstage and delivered it 
 anyway. (See yesterday's post and Schneier's take for more). 
 1.9MB PDF Link
 
 [snip]
 
 http://www.boingboing.net/2005/07/29/michael_lynns_contro.html
 



Re: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread John C. A. Bambenek

Remind me why I bother with information security when industry and the
government seem to want to ensure things can be pwn3d as easily as
possible...

On 7/29/05, Fergie (Paul Ferguson) [EMAIL PROTECTED] wrote:
 
 
 Now the FBI is investigating Lynn for criminal wrongdoing?
 
 Kim Zetter writes in Wired News this morning that:
 
 [snip]
 
 The FBI is investigating a computer security researcher for criminal conduct 
 after he revealed that critical systems supporting the internet and many 
 networks have a serious software flaw that could allow someone to crash or 
 take control of the routers.
 
 [and]
 
 The FBI declined to discuss the case.
 
 [snip]
 
 http://www.wired.com/news/politics/0,1283,68356,00.html
 
 - ferg
 
 
 
 
 
  Over on Boing Boing:
 
  [snip]
 
  Here's a PDF that purports to be Michael Lynn's presentation
  on Cisco's critical vulnerabilities (The Holy Grail: Cisco
  IOS Shellcode And Exploitation Techniques), delivered at
  last week's Black Hat conference. Lynn's employer, ISS,
  wouldn't let him deliver the talk (they'd been leant on by
  Cisco), so Lynn quit his job, walked onstage and delivered it
  anyway. (See yesterday's post and Schneier's take for more).
  1.9MB PDF Link
 
  [snip]
 
  http://www.boingboing.net/2005/07/29/michael_lynns_contro.html
 
 
 


Thanks,
j


Re: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread Daniel Golding



On 7/29/05 12:56 PM, John C. A. Bambenek [EMAIL PROTECTED] wrote:

 
 Remind me why I bother with information security when industry and the
 government seem to want to ensure things can be pwn3d as easily as
 possible...
 


If the digital pearl harbor does come to pass, this won't be remembered as
a shining hour for Cisco, ISS, Homeland Security (which is also in the mix),
or the FBI. 

I hope the leadership at Cisco reflects on this incident and will utilize
different tactics the next time this happens. Similarly, I hope the
cybersecurity folks in our governments realize that, while a strong
relationship with vendors is essential, they must recognize that vendors
have different goals than they do.

The FBI raiding Lynn's house over a commercial dispute is too reminiscent of
Cryptonomicon for me.

- Dan



Re: Boing Boing: Michael Lynn's controversial Cisco security presentation

2005-07-29 Thread Erik Haagsman

On Fri, 2005-07-29 at 19:06, Daniel Golding wrote:

 I hope the leadership at Cisco reflects on this incident and will utilize
 different tactics the next time this happens. Similarly, I hope the
 cybersecurity folks in our governments realize that, while a strong
 relationship with vendors is essential, they must recognize that vendors
 have different goals than they do.

Perhaps more importantly, ISS should try to get its act together and
realise they let a highly skilled and motivated researcher go over
political issues that should have never influenced a true security
driven company in their decision making. 
How on earth are you gonna try to maintain the image of an independent
security company after a clear case of politics and behind-the-scenes
shenanigans like these...?

Erik

-- 
---
Erik Haagsman
Network Architect
We Dare BV
tel: +31.10.7507008
fax: +31.10.7507005
http://www.we-dare.nl