Should Michael Lynn have told at Black Hat or not?

Among the latest developments in the Michael Lynn story at the Black Hat conference is that the research analyst was served with a temporary restraining order barring him from discussing the flaw that could compromise Cisco's unpatched routers. The order was filed by Cisco and Internet Security Systems, Lynn's former employer, from which he either resigned or was forced to resign after giving a presentation on how a malicious hacker could exploit a flaw in unpatched Cisco router software that "could crash those systems or intercept Internet communications." According to Red Herring, Lynn explained his actions by saying,

"I feel I had to do what's right for the country and the national infrastructure," he said. "It has been confirmed that bad people are working on this [compromising IOS]. The right thing to do here is to make sure that everyone knows that it's vulnerable."

Cisco and ISS disagreed and said releasing the data was premature, says Network World. The two companies also filed a temporary restraining order against Black Hat to prevent the organization from distributing video of Lynn's presentation.

But Network World says their effort may be too late and that some copies of the CD may already be in circulation.

In a statement on its Web site, Cisco said it "respects and encourages the work of independent research scientists; however, we follow an industry established disclosure process for communicating to our customers and partners."

The statement continued: "It is important to note that the information presented at the Black Hat Conference yesterday was not a disclosure of a new vulnerability or a flaw with Cisco IOS software. The research presented explores possible ways to expand exploitations of known security vulnerabilities impacting routers."

The company also urged its customers to "upgrade their software to the latest available versions."

Let's hope this issue is resolved quickly and in a reasonable way, one that fixes the flaw once and for all and gives Michael Lynn his due.

What People Are Saying

I've known Mike for about 20

I've known Mike for about 20 years now... and if the kid said he was doing the right thing... then he was doing the right thing!!!

Matters of national security cannot be driven by corporate greed

Abaddon absolutely did the right thing. Cisco's position that this is fixed is absolutely incorrect. What they have done is made sure that new systems are not vulnerable from the XML vector for any new equipment.

They have severely underplayed the potential for disaster here and made no active effort at all to strongly encourage their federal customers to fix this immediately. Shame on them for letting it get this far. I am not sure what ISS's claim that they have a fix for this is based on. Are they going to put a Proventia box in front of the router? Shame on ISS for letting a vendor sweep this under. While Cisco has a big problem with its gear and IOS, ISS has a far bigger problem in that the trust level they have developed over the years is absolutely gone.

Matters of national security cannot be driven by corporate greed. It was bad enough when Enron destroyed the people's ability to retire. Mike has made the single strongest case for open source and full disclosure. I too have known Mike for years and I am immensely proud of him. People are not harping on the real problem, that being that once virtual processes are an integral part of IOS this will be easy to script and worm.

Where's the patch?

I am puzzled that Cisco knew about the flaw but has done nothing to notify its customers or send them automatically a CD with the corrected version of their software as a protective measure.

Marian, you imply that the

Marian, you imply that the vulnerability hasn't been fixed. If Cisco is to be believed, it was patched in April. The problem is that it's thought many routers remain unpatched.

Let's hope there's a silver lining to this cloudy tale: boosted awareness of the problem should cause more router owners to keep up to date with security patches.

richi.

Lynn's service to the public

I'm always fascinated when folks like Mike Lynn get toasted by the likes of Cisco, Microsoft or other large corporate conglomerates that sneeze and wake up law enforcement, which in turn harasses people like Lynn by perverting the use of law to silence those who do the computing public a service through the information disclosed about compromised operating systems.

These backdoors have been in place (deliberately) for many years now. Do you really think ours or any other government or covert group operating under the scope of public awareness will allow the public to freely communicate with each other in an age of elite deception capstoned by the ruling rich? Not likely. Updated software? Sure it's updated, with new and better hidden backdoors.

My hat's off to Mike Lynn and others like him for his service to the general public well-being, as we deserve our privacy no matter how much others feel otherwise. Kudos to you, Mike Lynn.

Mike

I think Cisco and ISS should

I think Cisco and ISS should have allowed it and I think he was right to make it public. Takes some of the heat off Microsoft :) At least updates from Microsoft are free. Maybe Cisco is worried that this will bring too much attention to their sloppy code and some class action lawsuit will require that patches to fix security holes be free.
Cisco going after Lynn makes me question the $50K in switches I was just about to recommend to a customer. I'm not sure I can justify a price premium for their product anymore with how much they've blown this out of proportion.

Yes he should have, and it

Yes he should have, and it bothers me tremendously that, given such a large percentage of the internet relies on Cisco routers, Cisco, in its greed and pride, is trying to squash Lynn in a vain attempt to make us believe that they have an impenetrable system. I hope that Lynn will very much get his due!! My confidence in Cisco has just been greatly reduced!

Not only Yes, but Hell Yes.

Not only Yes, but Hell Yes. Damn Cisco and ISS for trying to cover this up.