Dailydave mailing list archives

Re: Lynn / Cisco shellcode


From: Alex Stamos <alex () stamos org>
Date: Thu, 28 Jul 2005 14:30:55 -0700

Word on the street (or dingy 60's style carpet?) is that...

a) The lawyers for Lynn/Cisco/ISS were working out a deal this morning that would protect him from being sued, but that would prevent him from ever talking about his findings or performing more research on Cisco equipment EVER again.

b) ISS has been working with Cisco on this issue for 6 months, and Cisco has been fine with the content for the majority of that time, and even approved the slide deck he sent to BH. Two or three weeks ago, the Department of Homeland Security called Cisco and asked for the research to be squashed, and that this decision was made at the John Chambers-ish level. ISS agreed quickly with Cisco (perhaps due to their large number of Gov contracts) but there were some negotiations over what to do. Apparently, Lynn made the decision to talk at the last minute, and totally surprised ISS.

Take it with a grain of salt, but that's what I heard from some plugged-in people.

My take:

Winners in this saga:
Jeff Moss - The complaints that BlackHat is getting too corporate and boring should be less loud. Plus, the word BlackHat is on the front page of WashingtonPost.com.
Lynn? - Like Dan Geer, he went down in a spectacular style that guaranteed him 50 more job offers.

Losers:
Cisco - The words Cisco and censorship are also on a lot of news pages. They might be trying to clean things up PR wise, but their initial over-reaction will make people think twice about responsible disclosure with Cisco forever. Better to just release it on IRC/SILC than get sued.
ISS - Those bastards burned their own employee. Even if they had some justification, they might as well buy the ISS recruiter that I've seen walking around a ticket back to Atlanta.
Lynn? - If the deal rumor is true, his ability to do his job might be massively impacted. I feel for the guy, but some people will think he sold out. Plus, it's never fun to be threatened by a multi-billion dollar multinational.

  -Alex





ET LoWNOISE wrote:

I don't know, but this issue isn't something like someone sending an email to everybody with proprietary information. Even the bh-usa-05-speakers list specified what Lynn was going to do.

"Michael Lynn will provide an architectural overview of IOS and explore the feasibility of code execution against Cisco routers."

These things are not published and prepared one day before the conference; it's hard to think that ISS didn't have a clue about what was going to happen.


On Thu, 28 Jul 2005, Steve Lord wrote:

Mordy Ovits wrote:

On Thursday 28 July 2005 09:14 am, Thor Larholm wrote:


While Lynn worked at ISS he was doing a source code analysis for Cisco.

If that's true, then the biggest loser in this incident is ISS. Lynn may suffer, but ISS is ruined.

Mordy


I'm not sure I agree with that last sentence Mordy. Depending upon how they handle it they may never see Cisco again, but there's a world of difference between X-Force losing major clients and ISS worldwide going down the pan, at least that's how I see it (not that I'd shed a tear for ISS if they did go down the pan, but that's beside the point).

If ISS were doing a source code analysis, I do hope they have the right to sue the bejesus out of the guy. I'd also suggest that Cisco point the finger at ISS, rather than Lynn as he was under ISS's employ at the time he wrote the talk, even though he wasn't when he gave it and ultimately ISS is liable for his breach of NDA.

However, if this turns into a DMCA job or a wacky piracy/terrorist-type criminal issue, it just gives me another reason not to return to the U.S. and remain in my undersea lair with my home-grown PVR, open-source systems and TOR-ified tin-foil-covered Internet connection ;)

Steve
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
