Researcher Resigns Over New Cisco Router Flaw

← Back to Stories (view on slashdot.org)

Researcher Resigns Over New Cisco Router Flaw

Posted by samzenpus on Thursday July 28, 2005 @12:02AM from the don't-go-down-with-the-ship dept.

An anonymous reader writes "Michael Lynn, formerly a researcher for Internet Security Systems resigned today rather than conceal his research into serious new flaws in Cisco routers, according to stories at Washingtonpost.com and CRN. Interestingly, Cisco says the the problem is not a security vulnerability, although it chided Lynn for not going through proper vulnerability disclosure channels. Both stories note that Lynn is in danger of being sued by Cisco for revealing the information, details of which were pulled at the last minute from the materials handed out to Black Hat attendees." Update: 07/28 12:23 GMT by Z : SimilarityEngine writes "Cisco and ISS are filing a law suit against Michael Lynn and the management of the Black Hat Conference, following Lynn's presentation discussing a vulnerability in IOS."

8 of 423 comments (clear)

It's All Good... by Cytlid · 2005-07-28 00:07 · Score: 5, Funny

It's ok, really it is. Karl Rove gave him the information.

--
FLR
Re:Hmmm, perhaps he needs whistleblower protection by Anonymous Coward · 2005-07-28 00:24 · Score: 1, Funny

Write your Congressoid.
Spelling! Did you mean Clowngressman?
C'mon, editors. At least scan the article. by ki4iib · 2005-07-28 00:25 · Score: 2, Funny

I know, I know. Mod me redundant. This is slashdot. The editors are on crack. Who Rs TFing A? But really. Not a security flaw? No, Cisco said it wasn't a NEW security flaw, but an extension of older ones. There's kind of a difference between "Not" and "Older-but-born-again". Mod me into oblivion now.
THAT WOULD BE VERY HARD! by Anonymous Coward · 2005-07-28 00:35 · Score: 0, Funny

"he" is a woman, and we nerds have hard time talking to those :(
Re:They Had Been Working on it for *4 Months*! by RegularFry · 2005-07-28 00:41 · Score: 1, Funny

"Working with" might just mean that ISS told Cisco, and they said "Yeah... We're working on it. We'll get back to you on that."

--
Reality is the ultimate Rorschach.
Re:Contact for Cisco's Point man on this by aussie_a · 2005-07-28 00:44 · Score: 2, Funny

Dear Mr Slashdotter,

I represent our friend Mojgan Khalili who has recently been come into some large sums of money. It turns out that CISCO has been paid by many Blackhatters to leave security vulnerabilities in their software. I am unable to have the money in my account as I am currently on the board of directors, but I feel terrible over what my company has been doing.

I request that you allow me to transfer the money to your account, so that it may eventually be transferred to Michael Lynn's account. For your troubles, I am willing to give you 10% of the five million dollars (U.S.). This is negotaitable if this does not meet your satisfaction.

Yours truly
Former ambassador of Nig^H^H^H^H^H^H^H^H^H^H^H
Mojgan Khalili's friend.
Nothing to worry about by Dachannien · 2005-07-28 00:47 · Score: 3, Funny

Let the Cisco network defend itself. Just like on 24.
Re:This could have been avoided by using apt-get by Debian+Troll's+Best · 2005-07-28 03:16 · Score: 0, Funny

I had some downtime while the 486SX rebooted.