Saturday, July 30, 2005
Cisco V Michael Lynn
Michael Lynn lost the battle (BBC):
Mr Lynn found out about the Cisco bugs while working at computer security consultants, Internet Security Systems - a job he left only hours before he presented the information to the conference.
He said it was important to get information about the bugs into the public domain.
Cisco did not agree and won an injunction that bars Mr Lynn and organisers of the Black Hat conference from ever talking about what they know.
More details at the PC World blog:
At the conclusion of the Black Hat Briefings yesterday, embattled security researcher Michael Lynn disclosed the agreement he and the conference made with Cisco Systems and Internet Security Systems concerning his presentation on Cisco software vulnerabilities....
Under the terms of a permanent injunction, sought by both Cisco and Lynn's former employer, ISS, Lynn must give the companies all of his research materials, including the presentation slides, his notes, and proof-of-concept software Lynn wrote that he used during his presentation. Black Hat must give Cisco the videotape of the presentation made by the conference's audio-visual contractor. Parts of the presentation have already been posted on security Web sites.
A prior WP blog post explaining the lead up:
According to people who heard the presentation today, Lynn demonstrated how the flaw could be exploited but obscured much of the technical details that an attacker would need to know to pull it off. The injunctions filed against him state that ISS and Cisco had been working together on the flaw for the past four months, and that up until earlier this week, a Cisco executive was slated to co-present the findings with Lynn at Black Hat. But on Monday, Cisco asked conference organizers to pull Lynn's presentation from the conference materials handed out to attendees.
Not very reassuring. But the information escaped, and Cisco did publish a security alert with one problem and the patches available. Presentation slides (pdf) are up at Infowarrior.