Slashdot Mirror
Cisco Accused of Orchestrating Engineer's Arrest
alphadogg writes "Cisco Systems orchestrated the arrest of Multiven founder Peter Alfred-Adekeye last year in order to force a settlement of Multiven's antitrust lawsuit against Cisco, a Multiven executive said on Wednesday. Multiven, an independent provider of service and support for networking gear, sued Cisco in 2008, alleging that the company monopolized the market for its software. Cisco countersued, charging that Alfred-Adekeye hacked into Cisco's computers and stole copyrighted software. In May 2010, Alfred-Adekeye was arrested in Vancouver, Canada, on 97 counts of intentionally accessing a protected computer system without authorization for the purposes of commercial advantage, according to his arrest warrant. He could be sentenced to 10 years in prison and a $250,000 fine if convicted. The arrest came to light only this week after local Vancouver press reported it."
Remember the coal labor camps of the early 1900's where workers were brutally beaten and arrested if they didn't serve the company? Where even the most cooperative fellow would 'owe his soul to the company store'?
What's the difference nowadays with the way that major corporations treat their workers, and all in the name of serving the CEO's paycheck.
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
Not only are Cisco devices over-priced from the beginning, they are somehow not liable for the problems they might have when vulnerabilities are discovered. Fixes are only available after Cisco is paid for them and, once again, the fixes come without guarantees as well.
Most people never get close enough to the networking hardware and infrastructure to experience this and so they remain under most people's radar. But as the article states, other vendors do not charge for updates.
By industry standards and practices, they are definitely "not usual." But is it illegal? Are they abusing monopoly power? I guess that's for a court to decide. But if it can be shown that Cisco fabricated evidence that resulted in the criminal arrest of someone who has filed legal action against Cisco, then huge problems should result for Cisco executives including but not limited to prison time. I find this to be a very interesting case indeed. I hope we can follow this case in more detail as new information comes out.
so use juniper.
time for a law saying you can hack any hardware that you own?
Apple tried to use the unauthorized access part to lock out people from hacking the iphone and the courts said you can hack them for any network and any app.
Now what if say M$ made you pay for bug fixes and used the law to shut down 3rd party updates?
What if dell locked systems to windows and used the law to shut people makeing a run any os bios hack?
If they want go down the road of need to buy the software to run on there hardware it time for brake out the costs so on a mac systems there needs to be the hardware price and then the mac os / mac os boot rom software price.
The cable box needs to list the hardware rent price and the guide / software use fee in the price.
All PC systems need to list the cost of the windows OEM price with a easy way to say no the windows part.
Cell phones need to list all costs.
Government by the corporations, for the corporations.
War is Peace; Freedom is Slavery; Ignorance is Strength.
With slavery and injustice for all (except the CEO).
Remember that Cisco probably sold a lot of equipment to China to build its 'Great Firewall'.
Dont believe me? Check it out:
http://www.wired.com/threatlevel/2008/05/leaked-cisco-do/
I hope Cisco pays through the nose for this.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
The thing that surprises me the most is how often IT workers think that they need Cisco gear. There is very little that Cisco devices can do that cheaper third-party-- and sometimes even commodity hardware!-- cannot do. That is, unless you're running a proprietary Cisco routing protocol, or need to feel the mystique of running 'enterprise' gear.
We dumped our Cisco gear years ago after attending a presentation on OpenBGP (in which the presenter talked about routing his Internet2 connection with a P4) and we haven't looked back since. And the equivalent Cisco machines for our border routers cost an order of magnitude more.
I agree, I replaced over $10,000 of Cisco gear with a 2x Intel Atom miniITX machine, cost us about $1000.
So, why do you buy Cisco hardware? There are plenty other manufacturers of networking kit, even HP and Dell sell network kit.
Having to buy a "support contract" for bug-fixes is bullshit. Cisco needs to separate their releases into two groups - bug fixes and new features.
Buy a contract and you get the new features, and hardware support. Forgo the contract and all you get is bug-fixes.
Let's not forget, if the product shipped with flaws, the manufacturer is obligated to fix them. We would accept no less from any other industry, and in some cases, warranty support is required by law.
-ted
Ugh, no kidding. I'm in IT at a medium-sized company, and our network admin I swear jerks off to Cisco porn or something. Cisco this, Cisco that, Cisco the other thing, constantly. And most of their equipment is barely being used for anything that would warren
How about arresting Apple?
I'm pretty sure that a company can't be arrested.
"Lame" - Galaxar
Denies it and makes claim against the other party. More at 11!
it will be interesting to see what evidence they do have. His claim maybe valid - but I don't find the fact he refutes it anything special.
What major vendor does not charge for updates? Juniper? Alcatel? I don't think so. If you have a support contract, you get the updates, if you don't, then no cookie for you.
And as far as I know, every vendor has disclaimers as far as their products go. Open-source routing software (which does perform very well in most circumstances) have disclaimers all over them too. So which vendor, exactly, offers you any guarantees such that it makes you say that Cisco stands alone in not offering any?
Sonicwall also charges for updates. If there's a vulnerability in 5.5 and you don't have a support contract with them then you can't download 5.5.1.
Its an industry problem. These companies need to offer security updates for free. If this means rolling the cost of the support contract into the device itself, then fine, but the status quo of buying something and only having 30 days of updates is terrible.
OK, this guy is a Cisco competitor involved in some legal dispute with the company that's being resolved in a civil court. He also is suspected on reasonable grounds to have committed a bona-fide crime against the company at the same time -- Cisco asks law enforcement to investigate the crime and arrest the criminal. That's not 'orchestrating' anything, nor does his status as a competitor that's suing the company have anything to do with the matter. Lawsuit or not, no one is entitled to break into Cisco computer systems -- the law doesn't say "You cannot gain unauthorized access to a computer system unless it is owned by a douchebag corporation that overcharges and dicks over the used market".
There is no mention in TFM (which is largely sourced from unnamed "Multiven Execs" -- unlikely to be objective) that Cisco fabricated the evidence of the break-in or conspired to entrap the guy. He committed a crime, they sought his arrest which is 100% within their rights. They don't surrender protection of criminal law just because they are douchebags.
Since /. loves car analogies, suppose we got in a car accident that was totally your fault but you dispute that and want a trial. Then on the night before the responsibility hearing, I throw a brick through your windshield. Does the merits of the civil trial have anything to do with whether I can be arrested? Would it matter if you were universally considered to be a jerk that screws everyone over?
That is what MOST countries.
Are they abusing monopoly power?
Generally, in order to 'abuse monopoly power' they actually have to be a monopoly, and they are about as far from it as you can get. They are exclusive providers of nothing. They happen to be devices that people (us router flunkies) happen to approve of and use in most cases, but they aren't the only game.
Cisco fits the middle ground areas well, but you don't use them at the high end. Juniper can provide bandwidth Cisco simply can't handle. You don't use them at the low end as they are just over priced, though you might use their gear in small offices anyway if you want to tie it into the a larger Cisco centric management system with fewer headaches.
The Multiven case some how revolves around they fact that they get 'hurt' because Cisco doesn't give out software updates ... Then use someone else if you don't want to pay for updates. Multiven isn't being treated differently. Cisco hasn't changed this sort of behavior recently, its been that was for 20 years.
There really hasn't been any indication Cisco manufactured evidence, only heresy from the guy trying to get out of going to jail, and he only started saying that crap after he a delay (that could happen for any number of reasons) came into play that made room for his statements to seem plausible. If they were fabricating evidence, he would have started making those statements the instant he was arrested, not months later.
Cisco isn't your friend, but there is no indication here that they've actually done anything wrong. The only thing there is at face value is a guy who thinks he should get a bigger piece of the pie and he's trying to use the court system to do so. He is losing. Seems like things are working about like they should.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
You don't buy Cisco because of the features, you buy Cisco because of TAC. At 2:30 AM when you have 96 phone lines down, the call center opens in 3 hours, and you're getting call supervision with no voice traffic, you call TAC. I got an engineer out of their Sydney office on the phone in 14 minutes, and we had the problem resolved within an hour. (It was a telco provisioning problem.) Having someone on hand to support a problem 24 hours a day, and a supply chain that can send a part out in 4 hours is a safety net worth paying for.
LOAD "SIG",8,1
LOADING...
READY.
RUN
Not having looked into the actual numbers, this seems like it could be done cheaper than the price difference between Cisco and non-Cisco equipment. Especially for org's that use more equipment.
It's called advertising. Even supposedly independent minded engineers will start to believe that Cisco gear is better than the other guy's if he hears it often enough.
There's no point in questioning authority if you aren't going to listen to the answers.
According to what I read, the "evidence" to support his arrest has not been produced and delivered to the Canadian authorities. The claim of intrusion was made by Cisco to the US Secret Service. (The US Secret Service wouldn't just do this without a complaint or someone in high places issuing the directive after all.)
So this guy was arrested on criminal charges for which no evidence has been provided. This smells "not right" somehow.
Of course, this is unlikely to happen, seeing how politically well-connected Apple is, and how responsive police & prosecutors are in the presence of political connections and the absence of large public outcry.
People who learn on Cisco hardware tend to think of networking concepts in terms of how Cisco presents and manages them. A good example is 802.11Q. Cisco has this concept of trunking that a lot of other hardware vendors facilitate through simply tagging/non-tagging. If all you know about networking is what you learned from Cisco Press(tm), you will have a hard time getting that HP switch to pass tagged frames to your Cisco network, and ultimately give up saying "Ugh, HP switches suck, we need Cisco gear".
My guess is the lawsuit actually brought to Cisco's attention that they had been hacked because he had access to information that was only available through Cisco. It's likely that his lawsuit is how the crime was discovered so I find no reason to be sympathetic to him. If you are going to break the law then sue someone using the information you obtained breaking the law you shouldn't be surprised if you are arrested for it.
Amen man. You put out the best reply on the entire article page today because you cut right through to the truth of things in the world today. The only correction I'd make is big money (not necessarily just corporations) is at the heart of every dishonest shenanigan going on, on this planet, today. The old adage of "just follow the money" can lead anyone to that simple conclusion. My observations have led me to believe there are no real governments. They are only the puppets and face men for big money's interests around the globe.
The orchestrating part is where the evidence of the crime (required for the extradition) hasn't been sent to the Canadians yet. They've had 10 months to provide evidence of the crime, but have not been able to produce it. So, the civil case, which was getting close to going to a Jury trial, got settled because the guy got arrested. This is one heck of a coincidence.
Sleep: A completely inadequate substitution for Caffeine.
In the hundreds of devices I've tested (many of them several times), I could detect one trend : Cisco is rarely best-in-class, but are rather average everywhere. There's one area where they are very good, and most of the time the best : switching packets from NIC 1 to NIC 2. This is not surprising as this is where they come from: routers and switches. But as soon as you get into the higher functions, especially above layer 4 (where stuff begins to be stateful and you need to keep track of all those nasty TCP states), they are very rarely best in class - when they are, it's for throughput, the easiest part.
As soon as you start testing TCP Establishment Rate, Concurrent Connections or SSL performance, they are not so good. For Load Balancers, F5 usually is best in class. For firewalls, Checkpoint tends to lead. For proxies, BlueCoat is definitively a leader. And so on. But again, they are never bad, simply not best in class (see this news about a NSS testing of a major firewall testing).
I guess for some people is reassuring being able to order all your network devices from the same company - and negotiate a discount once and for all. Personally I'd rather have the best in class all the time, but that's just a geek's dream. That's not how the corporate world works.
I don't like Cisco's bugfix policy either, but that said, it is not unheard of for enterprise HW/SW vendors to only provide fixes to customers with a current contract. If you haven't paid for a warranty, you aren't entitled to HW fixes, why should you be entitled to SW fixes?
If you want to pursue anti-trust violations because you think this is unfair, fine, but the WRONG way to go about it is to violate their policies (prior to the change) and then get caught.
It sounds like this guy's entire business model (providing aftermarket service) is built around getting those fixes. If they were downloaded in the absence of a valid service contract, then I can guess this could be a valid criminal charge.
This, and Cisco is also the IBM of networking gear (IBM as in "nobody ever got fired for buying IBM").
Imagine you're in charge of buying network gear, and you go for a smaller, unknown vendor. Later on, if there's problems, your boss (and your boss's boss) will be saying "why didn't you go with Cisco? If you did, we wouldn't have these problems!". If you DO go with Cisco, and there's problems, then even if they're not solved quickly and satisfactorily, you can still say "don't blame me, I went with Cisco". It's a name even the suits will recognize, and respect.
Yes, it's a pretty classical example of Cover-Your-Ass in action, but why should you, realistically, be expected to take one for the company? If you don't go with Cisco, they benefit (they save money), and you suffer for it (because your job'll be less secure). Why should you make that deal?
Same reason that e.g. Windows is so prevalent still. It's not because it's better; it's because of inertia and because everyone knows it, even the non-techies.
I haven't had a helpful TAC engineer in something like 5 years, and then only because we'd spent hours with their low-level filter people, correcting the SQL statements they were attempting to run over their remote session. They ended up replacing most of the hardware in the server (which was a nightmare in and of itself... and took far more than 24 hours) only after having us wipe and rebuild it from scratch, and that system still doesn't operate quite right. TAC is the thing that SmartNet is LEAST useful for... my only purpose in having it is to get software updates in a legally compliant fashion. I'll grant you that when I started in networking 10 years ago, I was amazed by TAC. Since then, either I've improved or they have declined.
Sounds like any perfectly legit multinational corporation with too much marketshare just keeping "the competetive egde". Does this make anyone else remember Major General Smedley Butler, USMC's words?
This is way beyond sad. The last thing IT world needs are extraditions, even if the guy was quilty of the charges. If it takes 10 months to gather (make up) evidence, that makes me think he is innocent. I wonder how they are going to get anything posted as valid evidence, or are the separate laws for evidence against US nationals and foreigners? Thankfully the canadians seem to behave rationally most of the time, from what I've read.
HP switches do suck... mainly because the of their crap firmware and cheap interface chipsets.
Most problematic hardware that I've ever dealt with.
It takes a lot to pierce the corporate veil. You need to have evidence of something in order to go after individuals within a company.
The issue here from the article is twofold:
1- Cisco had the engineer in question (a key witness in a case taking place in the united states) meet them in Canada before he had to make a statement in the united states. At the same time Cisco also identified to a US prosecutor that a hacker had broken into there computers and was fleeing to Canada- indicating that they had evidence. He was subsequently arrested in Canada, and missed his court appearance in the states. Had they just waited he could have been arrested upon his return to the states, but then he would have been able to make his court appearance.
2- The US prosecutor has not been able to present the evidence of this hacking attempt so that Canadian authorities can send him to the united states to face trial, and they have been so slow at responding to this statement that the Canadian authorities are accusing the US prosecutor of having grossly exaggerated the concreteness of the charges.
Now it COULD simply be that fortuitous timing and a grossly incompetent prosecutor have combined to be radically in cisco's favor, but at least the possibility that cisco may have engineered for this to happen needs to be investigated as it would seem EXTREMELY convenient if not.
Make sure your flanks are secure before you launch an attack.
Cisco is not the only network vendor with 24x7 TAC! We dumped Cisco several years ago for Foundry (now Brocade) and Juniper. Both have same level of T
The answer to that is use Juniper, Brocade or Foundry.... It's not like there aren't large networks out there who use equipment from those companies. Cisco's wide spread, but Juniper is nothing to sneeze at.
"97 counts of intentionally accessing a protected computer system without authorization for the purposes of commercial advantage" I wonder how he did this? Did he used some ID/password that belonged to another person? I'm worried because I MAY have done that.
The orchestrating part is where the evidence of the crime (required for the extradition) hasn't been sent to the Canadians yet. They've had 10 months to provide evidence of the crime, but have not been able to produce it. So, the civil case, which was getting close to going to a Jury trial, got settled because the guy got arrested. This is one heck of a coincidence.
It's not a heck of a coincidence to imagine that a party to a lawsuit might break into a protected computer system owned by their opponent for the purpose of gathering evidence to use at trial. It is not a coincidence at all, in fact, that these things would come to light at the same time either since the first Cisco might have learned about the break-in was precisely when some non-publicly available document was entered into evidence. So "10 months" might have been a few weeks from when Cisco was actually aware of the crime. You will need more that circumstantial evidence to establish that Cisco intentionally withheld evidence -- at least if you want that claim to be at all credible. Accusations are pretty cheap.
I'll also note that you haven't at all refuted the key question, which is whether there is sufficient evidence to believe the individual whose extradition is sought committed the crime and merits a trial. Honestly, it's hard for me to imagine any other question that's relevant.
In general, Cisco equipment seems to have better failure resilience -- their subsystems are more isolated from each other. The gear is pretty rock solid with the features that work -- all the trouble comes when trying new features which may or may not work. They also manage change relatively methodically, which is a good thing in must-be-stable environments. Though, their quality in this department has been flagging as of late.
That said, HP is now eating Cisco's lunch by offering relatively capable edge switches at a fraction of the cost. There's only so much price differential Cisco's TAC and generally stability is worth on the edge -- when you have a lot of L2 switches to upgrade and they are not supporting "million dollar loss for every hour of downtime" clients, believe it or not you'd prefer to spend that money on manpower to deal with the less robust/flexible platform, and come out ahead in the end.
As to why Cisco retains marketing share despite their inferior pricing and terms, it is because they get out in front and make sure that people learning how to do networking support learn on Cisco gear. This makes any other equipment feel alien. They do this to the extent of creating their own alphabet soup of acronyms and feature names that require constant retraining to keep on top of, retraining which they are glad to sell you. They build their CCIE certification up to be some sort of doctorate, and many a PHB will put their certifications into job requirements. The general idea is to keep people so busy getting good at Cisco that they do not have the time to explore other vendors, and for the most part it works.
The best defense for competitors IMO is to beat Cisco on clear, thorough, and well organized documentation, because they are losing their edge, but I don't see that happening anytime soon, judging from the awful quality of most other vendor's docs. Well done docs come in very handy pre-sales, because there are still a lot of sane shops where the engineers choose the candidates for new purchases and know in advance some extremely detailed features they need to have. If they can find that feature (in a manual, not a sales brochure), and verify that it looks sanely implemented, by browsing online docs, that's a huge foot in the door.
Someone had to do it.
My experience has been that the big draw is uniformity - it's okay to be using various and sundry equipment when you're just kitting out a single office, but if you've got dozens of metropolitan service area, each with one hundred or so devices, then it's very helpful to have them all come from the same vendor. Even introducing a single "odd" device to each setup adds quite a bit of complexity. Cisco is the only vendor that has every device, so that helps immensely.
On the other hand, no few Cisco devices weren't actually designed by Cisco, so in practice this often doesn't work out anyway.
Why not? They try to claim citizenship rights in the United States (right to lobby, buy senators / congressmen - covered as *donations* and *information gathering trips*), etc...
Let's force them to uphold that citizenship standard - ability to arrest all officers of said company at time company did the illegal act. Make them register for the draft.
etc...
If they want the rights, they get the responsibilities shoved down their throats with a double edge razor sharp, cyanide coated sword.
The issue here from the article is twofold:
Where "the article" is statements from Multiven executives.
At the same time Cisco also identified to a US prosecutor that a hacker had broken into there computers and was fleeing to Canada- indicating that they had evidence.
And the DoJ and State seemed to think that the evidence had merit. Are you disputing that the evidence suggests he committed the crime or merely insinuating that?
I want to make clear that I'm not stating that I think he did it. I'm just saying there is a normal extradition/trial process that we ought to follow to figure out whether he did the crime, same as any other criminal that is accused of a crime. He does not deserve special protection merely because he is involved in a civil suit with the potential victim.
This is why we have procedures for arrest/extradition/trial -- so that we don't have to judge individual cases on an ad-hoc basis but instead have a formal system of justice. Canadian procedural protections in the extradition process are relatively strong, so I really don't get the complaint.
The US prosecutor has not been able to present the evidence of this hacking attempt so that Canadian authorities can send him to the united states to face trial, and they have been so slow at responding to this statement that the Canadian authorities are accusing the US prosecutor of having grossly exaggerated the concreteness of the charges.
No, the guy's attorney has made that accusation -- the Crown maintains they acted within the scope of the extradition treaty. From an article linked by TFA:
U.S. prosecutors colluded with computer giant Cisco Systems, Inc., to mislead the Canadian government and B.C. courts into invoking emergency extradition powers to jail a British computer entrepreneur, B.C. Supreme Court heard Monday. [...]
"Almost nothing in the U.S. attorney's letter was true," Vancouver lawyer Marilyn Sandford told Justice Ronald McKinnon Monday. She called the U.S. conduct careless, cavalier and Kafkaesque in her application to halt the extradition so Adekeye can return home to his wife and child in Switzerland.
http://www.vancouversun.com/news/Cisco+prosecutors+duped+court+extradition+lawyer+says/4638201/story.html
Of course, if that accusation is true then it would be damning. On the other hand, if the Crown/DoJ's accusations are true, the guy is guilty of hundreds of felonies. This is why we have a procedure to sort out which (if any) set of charges is true and which are false -- because a priori there's just a bunch of unproven statements.
The ugly, greedy, juggernaut raises its head to swallow innocent and guilty alike. When does it end?
The mind conceives, the body achieves, the spirit manifests.
Mod parent up- this is the truth in my experience.
Because this is news for nerds. If you want news for paranoid delusionals there are other places on the internet for that.
Not only are Cisco devices over-priced from the beginning, they are somehow not liable for the problems they might have when vulnerabilities are discovered. Fixes are only available after Cisco is paid for them and, once again, the fixes come without guarantees as well.
But I thought the reason to go with proprietary solutions was accountability? And what does all that certification mean if it doesn't come with a guarantee?
Twinstiq, game news
This makes no sense. 802.1q is an IEEE standard, not something Cisco invented.
If there was evidence, it would have been provided to the Canadian authorities by now. 10 months is a damn long time to rot in a cell.
Agree. The similarities kinda end when Cisco doesn't cause the death of people. But that isn't black and white either. It would ignore the fact that while they don't really have a large presence in totalitarian governments, they kinda don't care about who they do business with because indirectly oppressing people is profitable.
I8-D
I contend that you'd be better off using the money saved to develop in-house expertise. Firstly, an organization's network is domain-specific knowledge in the extreme. Secondly, smarter engineers tend to result in better network designs, e.g., the kind that do not have the kind of urgency that they need to be fixed in the middle of the night. Your own people should be better at solving those kinds of problems, or else they're not earning their paychecks. Outsourcing gruntwork, fine. Outsourcing thinking? Bad idea.
After multihoming one of our offices, it was quite a revelation to me when one of our lines went some some months later. Nobody even noticed, except me. That gave me the freedom to fix the problem without having to worry about whether I should tell management to send people home. Also, being able to SSH in from home to fix a routing issue? How f'ing cool is that?
The funny thing is that many (not all) of the companies you mention are simply rebranded versions of OSS tools. Checkpoint, for instance, is FreeBSD (at least, the box we had was). BlueCoat? Same deal! We discovered that we could do all of the functions of those machines, and more, with a couple generic OpenBSD boxes, pf, and pfsync, and they're a HECK of a lot cheaper.
Until now, I would have assumed there was no possible way Cisco could count as a monopoly. To many competitors with sizable market share, and real competition from some big dogs like IBM for parts of that share, would say Cisco simply couldn't pass the monopoly test part of antitrust law.
But, having some parts of the federal judicial system available to issue warrants without probable cause is certainly an asset their competitors show no signs of having or misusing. The normal list of assets that could make a company a monopoly includes such government related things as state granted right of ways. Corrupt judges aren't on that list, but it's easy to see why people who believe the fix was in would see this as a monopoly. What's worse is the number of cynics who think corrupt judges are simply to prevalent to let anyone get a monopoly on them.
Who is John Cabal?
Umm... No.
My Intel CPU has 128 64bit general purpose registers. Although I'm pretty certain that nearly every single program on my computer uses these registers, I've never given *any* of them explicit permission to use them. Most people don't even know about these registers, and therefore cannot give consent to their use, by your logic. Therefore, every single program running on our computers is accessing our computers in an unauthorized manner?
Authorization is a big grey blob, not a nice black/white subject.
On Topic: I suspect the timing, and not the persuing the prosecution of the crime itself, is orchestrated by Cisco. This is a very interesting story to follow. I really want to be on this guy's side, if not for a mere "David Vs. Goliath" interest. But the evidence does point to him illegally gaining access to Cisco's computers and stealing code, so it looks like David is using a stolen rocket launcher, and not a home-made slingshot, in this case.
Right. No, your other right. No, the other other right.
ADTRAN does not charge for updates and provides a 10year warranty and free tech support including 24x7x365 phone support
That because cisco has leveraged hardware extensively for just that purpose. It's rare for CPU to get involved in forwarding a frame or packet on a cisco router or switch. That's in part why they're so expensive - its all done in ASICS, and even the memory is hard-wired for bitmasking searches.
"We are all geniuses when we dream"
- E.M. Cioran
There, fixed that for you - a lot of companies who buy Cisco products don't need that level of support, and yet are paying for it anyway because Cisco is the "enterprise" solution.
Yes. Jail time accumulates once per access.
Were they really broken into? Or did he download bugfixed IOS images for redistribution to his customers with cisco gear?
"We are all geniuses when we dream"
- E.M. Cioran
Oh, shut up. Seriously. You have no idea what you are talking about. If I had to build the expertise for every freaking peice of hardware and software in my company and do so internally, i'd be broke. You partner with folks who have the expertise. That means not going with the low cost vendor.
Canadian extradition works under a simple (well, sort of) premise:
Is there enough evidence for the accused to go to trial in Canada if charged with the same crime?
If the US has not provided the details of the accusation then by matter of law, he should be released. By law, he should have been released after 30 days, 90 if the minister approves an extension, but no longer than that (see sections 40-43 of the Extradition Act.
If Canada is continuing to hold him, they most certainly are breaking law, and there can be severe repercussions for doing so.
When hardware fails en-masse beyond a warranty period, sometimes (good) manufacturers will still do a recall. See in particular the cases of automobiles etc with safety recalls. In other cases it's often the simple fact that most physical (and especially moving) components break down over time. Also, if the fan belt breaks on my car, or the hard-drive dies on my PC, then I have the often of self-service, repair, or replacement beyond the vendeo (of the card/PC).
With software, a lot of bugs are due to a mistake on the case of the vendor. Race conditions, buffer overflows, infinite loops etc can be prevented in many cases with proper coding care. However, in non-FOSS software, nobody can really fix the bugs except the vendor, and there's just like the "evil mechanic" stories there's also the stories of vendors who deliberately place bugs (or at knowingly leave them unfixed until future releases).
In code though, bugfixes are often time to future releases, which also contain additional (paid-for) features.
Yes, it is hard to pierce the corporate veil in civil matters. Vicarious libaility and all that. However, the corporate veil does not exist in criminal matters. The individuals dun wrong, and can be held accountable for jailtime.
This comes under "necessary functions" -- you consent to the pgms, and they need to use the regs. The full 128 aren't even programmer visible in ASM, they're used by the register renamer.
don't drop the soap!
Wow, this is a crazy story to see on here. Why? Because I met the man in Vancouver just shortly (I imagine) before he was arrested. I was out on a nice day playing with my daughter in the park - he was out with his son in the same park and we had a nice chat while our kids played together. He was a pleasant, nice guy and genuinely interesting to talk with - who knew that he was wrapped up in this!
Were they really broken into? Or did he download bugfixed IOS images for redistribution to his customers with cisco gear?
Why 'or' and not 'and/or'? He could have accessed their system without authorization and used that access to download IOS images.
There's still nothing about any particular content on any computer system that entitles an individual to access it without permission from the owner.
Uh HP's stuff sucks in general.
We had problems getting HP switches to work with HP enclosures+blades (via the HP blade virtual switch crap).
I had to plug my personal el-cheapo d-link gigabit switch between the switch and the enclosure port to somehow get stuff to temporarily work.
I don't know why that helped. Was not really my problem (some other company was in charge of fixing that stuff - I just had to get it to work so that we could do our stuff :) ).
But some weeks later watching the brand new enclosures having hardware problems and blades dying sure didn't give me even more confidence in HP's crap.
BTW years ago I saw an HP server that didn't pass HP's own self-test. So did a firmware upgrade and the offending self-tests were gone...
That's one way of getting it to pass I guess ;).
If there was evidence, it would have been provided to the Canadian authorities by now. 10 months is a damn long time to rot in a cell.
Reading comprehension is key -- he was bailed out and is free to go anywhere he wants in Canada.
It's routine for foreign citizens from non-extraditing countries (he is Nigerian) to be barred from foreign travel while criminal proceedings pend. The presumption of bail does mean the right to skip the country to avoid charges.
It's not hard to imagine that a party to a lawsuit might break into the computers of the other party.
It's also not hard to imagine that a party to a lawsuit might accuse the opposing party of having done so.
Your key question doesn't need to be refuted ... it needs to be answered by the people who asked for the arrest and extradition in the first place.
'The evidence does not exist' cannot be logically proven. 'The evidence does exist' can, which makes the key question 'Why hasn't the U.S. Attorney's office provided the requested evidence in the ten months since the arrest?'.
Some buy it because of TAC. A few of those even actually need it and can justify the cost. Others buy it used (for more than some new equipment would cost) because they can't afford it otherwise and then don't pay for any sort of Cisco support. Those are the ones to wonder about.
At one time in networking, you almost had to at least put Cisco gear out front because otherwise any problem at all would be blamed on you (even if it was likely a Cisco quirk). That's just not the case anymore. I certainly don't mind deploying Cisco gear if it's already there and suitable to the task, but I don't specify it.
It is a hell of a coincidence that a guy who's likely to be a witness in a civil trial got arrested just in time to prevent him from testifying. Is it really hard for you to conceive that Cisco could be playing dirty?
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
If they orchestrated someone's arrest, that's far more than bad business practises. Companies should be jailed for this.
Full disclosure: I work for Cisco TAC.
> Fixes are only available after Cisco is paid for them and, once again, the fixes come without guarantees as well.
Now this is not what I remembered. So I went and checked.
Go to Cisco PSIRT (http://www.cisco.com/go/psirt) where I click on the H323 problem in IOS, I go to the advisory at http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a300.shtml.
On that page there is a section "Obtaining Fixed Software" with a sub-section "Customers without Service Contracts" where you can read "...Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade...".
Peter
The allegation is that they are the sole provider of critical fixes to bugs in Cisco products that should never have been allowed out the door in the first place.
They certainly ARE the sole provider. The idea is that they have a duty to fix factory defects for free, yet they leverage their status as sole provider to force people into support contracts in order to get those critical fixes, and so freeze out 3rd party support.
The legal concept of monopoly goes well beyond the simplistic and almost never achievable 100% domination of the market.
Because if he had a cisco login id, he didn't break in.
"We are all geniuses when we dream"
- E.M. Cioran
I am no lawyer but this is only a problem once he is convicted. Or did I miss the fact that he is being deprived of a chance to defend himself in court?
In all seriousness, I get your point. But there is a major difference between "arrested" and "convicted". Arrested just means "you'll have your day in court". So this fight is far from over and any bad smells you are smelling will most likely be eliminated by the time this is all over.
Perhaps YMMV, but I have never had a moment of trouble with HP switches.
I don't buy it. YOU nor does anybody else have any evidence that would convince me that it was him who hacked Cisco regardless of it it happened. Hacking isn't something that you can prove. It is something that happens and then is said to have happened by somebody. Without evidence beyond "our logs show xyz" you have no idea if or who hacked Cisco. It could just as well be fabricated. AND just because they have proprietary information doesn't prove they were the ones who hacked Cisco. It could have been obtained legally by a rogue employee or a third party hacker. Wikileaks is legal in the United States even if the United States doesn't like it. The same thing is true here. You don't know how this supposed information was obtained and it is that which must be proved. Something which if done right would be impossible. The reason hackers are convicted is because of stupidity. Either that of the courts or that of the hacker.
IEEE specified the capability and the data structure in the packet. They did not specify how to think about the capability nor the configuration language to be used in various devices.
As a result, different people will use different terminology or see things in 'odd' ways. Some configurations talk about adding and removing tags (in a sort of MPLS lite sort of way) while others talk about default vlans, trunks, and virtual interfaces. Both result in IEEE 801.2q packets.
Mod this guy up - whatever the truth of the case it seems like 10 months should be enough time to provide the evidence. Always hate to see the Canadians fall short - who's going to be our positive role model..
To come join Cisco in Las Vegas....douchebags....
They make decent middle of the road laptops, great switches, and over-priced servers that play shenanigans like making you pay extra to get a BIOS that doesn't disable CPU features. I have no idea about their blade hardware other than that in general blade means "willing to pay a metric assload to say I have a blade server".
I am no lawyer but this is only a problem once he is convicted. Or did I miss the fact that he is being deprived of a chance to defend himself in court?.
Yes, you whizzed right by probable cause. Without which police have no authority to arrest, and courts of no jurisdiction to even put you on trial.
Because if he had a cisco login id, he didn't break in.
According to TFA (or linked from TFA), he is alleged to have used a login belonging to his former coworker (he used to work at Cisco).
Using someone else's credentials is fairly clearly an unauthorized use of a computer system, at least in such cases where the owner does not give that user permission to let others use his or her login.
I'll also note that you haven't at all refuted the key question, which is whether there is sufficient evidence to believe the individual whose extradition is sought committed the crime and merits a trial. Honestly, it's hard for me to imagine any other question that's relevant.
And all you've done is speculate Glen Beck style, casually lay our a nice story with Cisco on the up-an-up. That's a pretty big assumption. The article states *no evidence* has been brought forward for the arrest. Nada. So yup, till there's *real* evidence, you can just jump off that horse of yours.
We dumped our Cisco gear years ago after attending a presentation on OpenBGP (in which the presenter talked about routing his Internet2 connection with a P4) and we haven't looked back since. And the equivalent Cisco machines for our border routers cost an order of magnitude more.
My institution also dumped Cisco. It is USU - Utah's land-grant university. We have about 30K students/faculty/staff and about 200 buildings.) Our experience has been very positive.
Years ago, we did a cost analysis and decided that Cisco didn't make financial sense. We could do everything we needed with cheaper, commodity devices.
So, for the next couple years, all upgrades/replacements were to simpler structures. To non-proprietary protocols. And to non-Cisco equipment. We have been Cisco-Free for about 7 years.
Our network is about 1/3 the price of equivalent Cisco provisioned equipment. We have substantially fewer outages than our peers with Cisco equipment. We have a faster, more reliable network than our peers. And security seems to be increased as well.
Of course, a lot of that is due to simpler, more robust network designs. But, I blame that on Cisco as well. Cisco architecture always prefers proprietary complexity over robust simplicity. The Cisco approach to device failure is either replace with a more expensive and complex device, or implement complex redundancy.
The hardest part was beating off the attacks from Cisco Sales. These attacks were vicious. They lied (even more than usual for Cisco sales droids.) They tried their best to discredit us. First they approached the head of IT. Then the VP for Business. Then the president.
Finally, they went to the Board of Regents. They said we were incompetent. They said our actions were endangering the future of our institution. Amazingly, the Regents looked at our documentation and backed us.
It only happened because we carefully documented our actual needs, and upper management was willing to trust us. I get the impression that most management would fold under the pressure we saw.
I wonder if it's time to do the same analysis for Oracle. They are smelling ripe. Oracle appears to believe that they own us. Lately, they have gone from asking what we need, to telling us what we will do. Their current pricing is not based on competition, but on our ability to pay. The more they believe they control us, the more they will charge. Eliminating Oracle will be hard, but not as hard as Cisco was. And, we may have the necessary talent to pull it off.
Miles
If you're a massive Company, Inc., sure, you can afford to blow the salaries it'd take to develop in-house expertise for every single last one of your IT needs.
The majority of businesses can't afford to do that. Yet they still buy Cisco gear. Probably for two reasons. First, Cisco spends a fortune on advertising. They've got advertising on TV. In airports. I'm pretty sure they've stolen Futurama-level tech and are now inserting Cisco advertisements into dreams.
Second, if you do end up needing some sort of Network Wizardry(tm), it's a hell of a lot easier finding someone who knows what the hell is up with your Cisco(tm) router, than say, a Mikrotik. (Also, Mikrotik, RouterOS, look it up people. Shit is so cash.)
I don't buy it. YOU nor does anybody else have any evidence that would convince me that it was him who hacked Cisco regardless of it it happened. Hacking isn't something that you can prove. It is something that happens and then is said to have happened by somebody. Without evidence beyond "our logs show xyz" you have no idea if or who hacked Cisco. It could just as well be fabricated.
I don't buy that either in the same sense that I don't believe that he necessarily did it. It coudl have been someone else. What I do think is that in such cases we should have a trial to figure out if there is evidence beyond a reasonable doubt that it was him (and that his action was criminal).
You cite a bunch of doubts -- those are perfectly good doubts and I would hope that they would get properly aired. What you can't say is that those doubts mean that they shouldn't even arrest him and put him on trial because there are alternative explanations. That's for the jury to decide.
It's not hard to imagine that a party to a lawsuit might break into the computers of the other party.
It's also not hard to imagine that a party to a lawsuit might accuse the opposing party of having done so.
Your key question doesn't need to be refuted ... it needs to be answered by the people who asked for the arrest and extradition in the first place.
Indeed. The entire purpose of the extradition is for him to stand trial where we get to figure out if there is sufficient evidence to believe that he did the crime. I'm not short-circuiting that step, I'm saying that Cisco is well within their rights to ask for him to be arrested and tried given that there is at least a plausible case for it.
You can't even arrest someone without a minimum of evidence, may it be completely circumstantial.
Cisco's support is very good - its expensive, but you get what you pay for. I am not sure why that means their kit is noticeably any better though; you tend to find, particularly with their higher end kit, your choices are a) pick which set of bugs you can live with or b) go with a beta that is near untested In fairness, (a) is usually good enough; MS have set the bar for "enterprise level" so low nobody expects perfection. But still, its not cheap, and *having* to have bought from an approved vendor, and have bought support, in order to get bugfix patches is a major pain. What is really needed is for someone else to up their game to match the level of support.
-=DaveHowe=-
when you have more than 20 nodes...
They also suck from a different angle. A few years back, I bought a SonicWall from a business that was closing down. After six months of fighting with SonicWall's support about the ownership of said gear, I gave up. Not exactly sure where the box ended up.
It's not the years, honey, it's the mileage. - Colonel Henry Walton Jones, Jr., Ph.D.
And how is someone with a Cisco based switching background uniquely deficient with regard to their understanding of 802.1q trunking that someone with an HP or Foundry background is not?
It leaves them unsure of the equivalent configuration in terms of tagged, untagged, and applying a tag on ingress plus permitted and forbidden tags. The ones who actually understand 802.1q manage OK after a few moments, but the ones who viewed the Cisco trunking as a sort of magic box tend to be completely lost. Due to the psychology of "The Cisco Way", they conclude that the HP gear simply can't do it and must be junk.
I don't understand : how does buying Cisco equipment make an organization incapable of understanding multihoming?
So what you're saying is the people who are dumb suck at understanding technology? HP vs Cisco vs Foundry has no bearing on this.
So what you're saying is the people who are dumb suck at understanding technology? HP vs Cisco vs Foundry has no bearing on this.
And yet Cisco certifies them. That's certainly on Cisco.
If you actually read the Cisco Press(tm) book when it talked about the IEEE 802.11Q standard, and looked at the pretty pictures you might have noticed that a trunk sends ...ummm... *tagged* frames... and an access port sends... yeah... *untagged* frames. HP and others didn't revolutionize the networking world with the "concept" of tagged and untagged, they just use a different command syntax because that's what their commodity ASICs support.
So HP, or Foundry, or Juniper never certify a bozo?
As far as I can tell, HP, Juniperm and Foundary don't certify people at all. I suppose they might, but I never hear anyone alternating between bad advice on routing and crowing about being certified by any of them.
Welp...
http://www.hp.com/certification/certifications_technology.html#networking
http://www.juniper.net/us/en/training/certification/
http://www.brocade.com/education/certification-accreditation/certified-network-engineer/index.page
So, just no bad advice and crowing then.
Undoing uncorrect mod-up!