Cisco & Michael Lynn - Black Hat Cisco Gate
Cisco is a great company with networking gear and security products I like. They have a lot of great people, but in any big company there are bound to be a few "bad apples" and mistakes do get made as well.
A major mistake was made by Cisco. No, let's simply say disaster.
So bad that today, at least in the technical community, defending Cisco is like defending the devil!
Someone at Cisco make a very bad and STUPID decision to silence Michael Lynn, an ISS Researcher who quit his job in order to disclose a serious Cisco router vulnerability (LONG SINCE patched, although not all routers have the patch applied yet). I wrote about this earlier.
It has gotten infinitely worse:
Reportedly, Cisco (and perhaps ISS) has filed suit against Michael Lynn and Black Hat, and there were very recent reports that the FBI was searching Lynn's residence.
Lets try to get the Pope to stop praying. No, too easy, Let's try to suppress security information at a Black Hat convention - that'll be more fun.
The "suppressed" presentation is all over the Internet!
I said "bad and STUPID decision." I'm not talking from the moral perspective, but purely from the business perspective. A few within Cisco made horrendous business decisions! They weren't very nice either, and probably aren't nice people I'd like to have a beer or dinner with, unlike most Cisco employees I know.
I'm glad I don't run Cisco, at least now, but if I did, heads would roll!! The responsible parties, those who caused what may be a nightmare for Cisco, would be fired, tarred and feathered, etc. Let's be clear: the Cisco employees responsible for this PR Snafu would be fired. I'd have Cisco apologize, maybe offer Lynn a job, and try to move on.
For a somewhat civilized discussion, see what Bruce Sneier has to say.
I wish Cisco the best, I wish Michael Lynn the best, and I want the responsible parties in Cisco to be held responsible.
A major mistake was made by Cisco. No, let's simply say disaster.
So bad that today, at least in the technical community, defending Cisco is like defending the devil!
Someone at Cisco make a very bad and STUPID decision to silence Michael Lynn, an ISS Researcher who quit his job in order to disclose a serious Cisco router vulnerability (LONG SINCE patched, although not all routers have the patch applied yet). I wrote about this earlier.
It has gotten infinitely worse:
Reportedly, Cisco (and perhaps ISS) has filed suit against Michael Lynn and Black Hat, and there were very recent reports that the FBI was searching Lynn's residence.
Lets try to get the Pope to stop praying. No, too easy, Let's try to suppress security information at a Black Hat convention - that'll be more fun.
The "suppressed" presentation is all over the Internet!
I said "bad and STUPID decision." I'm not talking from the moral perspective, but purely from the business perspective. A few within Cisco made horrendous business decisions! They weren't very nice either, and probably aren't nice people I'd like to have a beer or dinner with, unlike most Cisco employees I know.
I'm glad I don't run Cisco, at least now, but if I did, heads would roll!! The responsible parties, those who caused what may be a nightmare for Cisco, would be fired, tarred and feathered, etc. Let's be clear: the Cisco employees responsible for this PR Snafu would be fired. I'd have Cisco apologize, maybe offer Lynn a job, and try to move on.
For a somewhat civilized discussion, see what Bruce Sneier has to say.
I wish Cisco the best, I wish Michael Lynn the best, and I want the responsible parties in Cisco to be held responsible.
posted by Ted Demopoulos at 5:30 PM
Comments on "Cisco & Michael Lynn - Black Hat Cisco Gate"
-
Security Goat said ... (Friday, July 29, 2005 6:36:00 PM) :
-
Anonymous said ... (Friday, July 29, 2005 6:54:00 PM) :
-
Anonymous said ... (Saturday, July 30, 2005 1:14:00 AM) :
post a commentWonder how many job offers Michael Lynn has had so far!
I'm not sure Lynn is a hero, but Cisco is looking like a villan for sure and is bound to lose market or at least mind share
This whole thing is STUPID!
Lynn could have toned down himself, Cisco could have stopped acting like Microsoft in full asshole regalia, and bloggers could stop stirring the pot!
Wonder if a massive Internet/router attack will result? Doubt it.
Does Cisco need better security? Everyone does.
Will Lynn get another job? He already has offers