Cisco Source Code Up For Sale: Only $24,000
spackbace writes "The notorious, mysterious Source Code Club (SCC) has re-emerged, this time selling source code for a Cisco application in another blatant violation of copyright regulations.
Believed to be an anonymous collection of hackers, the SCC this week announced in a posting on a group Web site that it is offering the complete Cisco Pix 6.3.1 source code for US$24,000. Cisco Pix is a firewall application providing security, intrusion protection, network monitoring and other services for business and carrier networks."
Take a cue from SCO and drop the price to $699. That way EVERYONE will buy it!
From my experience with PIXen, it's certainly not worth that...
there is no ebay-link this time... :)
But still i sense the good old "want to sell something? Advertise with a slashdot story" sprit
HI O WISE PRINCE. WHT TOOK U SO DAM LONG?
Anyone here has the source code for Linux OS? I'll pay roughly $2-3 grands via Yahoo Paydirect.
but i'm in California and I don't want to pay tax on it.
If you think
It's not worth all that much to them sitting on their drives anyways. Who knows, some wacko might actually pay!
But really it's just to generate bad publicity for cisco
like mitnick proved, it only takes one idiot with social skills to bypass your firewall.
Also on offer, apparently, is the Enterasys Dragon IDS 6.1 intrusion detection system (IDS) software for $16,000 and an old Napster file sharing code, a snip at $10,000.
The original name behind the group was one Larry Hobbles who now seems to have disappeared. The Source Code Club is now said to be hawking a list of other stolen code to anyone who buys one full copy of the source code for sale.
http://www.busyweather.com/
Indeed, as in the Mitnick case, one idiot *did* do it...
Isn't going to start handing it out for free.
The only real reason to want the code is to find exploitable holes in the software. If you're paying 24k so you can do that you presumably want to use those exploits for a purpose. Releasing the sourcecode and risking exploits becoming public (and then patched) devalues your investment.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Sure enough, here's the CISCO Pix file listing and the "newsletter".
The value of this intellectual property is not defined by the cut-and-pasteability of source code into a company's product. Certainly, this is not the likely application for any would-be buyers. Instead, knowing how the #1 router company in the world implements stateful packet-filtering on an embedded device is a very worthy piece of knowledge that can be used as a basis for the design of anything that touches a packet.
In addition, Cisco spends hundreds of thousands of dollars in their support organization identifying hard-to-find interoperability issues and exception cases, testing things out in the lab, and then coding up fixes. All of these real-world experiences and corresponding code work-arounds that impact every other firewall/VPN/routing product on the market are captured in this source code.
Cisco PIXes have proprietary integration with third-party products, such as IDS systems, content-filtering proxies (e.g. WebSense), etc. This source code surely exposes these APIs, which are covered by Cisco's own NDA with these companies and are coveted by anyone trying to integrate with such closed-source commercial offerings.
Were it legal, it'd be a bargain!