Cisco reaches deal with flaw researcher

The dispute over a presentation on hacking Cisco Systems' router software at the Black Hat security conference culminated in a legal settlement on Thursday.

Michael Lynn, a former ISS researcher, and the Black Hat organisers agreed to a permanent injunction barring them from further discussing the presentation Lynn gave on Wednesday. The presentation showed how attackers could take over Cisco routers, a problem that Lynn said could bring the Internet to its knees.

The injunction also requires Lynn to return any materials and disassembled code related to Cisco, according to a copy of the injunction, which was filed in US District Court for the District of Northern California. The injunction was agreed on by attorneys for Lynn, Black Hat, ISS and Cisco.

Lynn is also forbidden to make any further presentations at the Black Hat event, which ended on Thursday, or the following Defcon event. Additionally, Lynn and Black Hat have agreed never to disseminate a video made of Lynn's presentation and to deliver to Cisco any video recording made of Lynn.

In his first news conference, Lynn on Thursday said that despite all the legal wrangling he faced during the past day and a half, demonstrating an attack on Cisco's router software was the right thing to do.

"I think I did the right thing. It was pretty scary, but the real important thing was there was the potential of serious problem," Lynn said. "I did not think the nation's interest was served by waiting another year when a router worm would be a serious threat."

In his presentation on Wednesday, Lynn outlined how to attack Cisco's Internetwork Operating System to gain control over the router running IOS. Cisco routers make up much of the infrastructure of the Internet. A widespread attack could badly hurt the Internet, according to experts attending Black Hat.

It is possible to actually destroy a router, which could cripple or shut down parts of the Internet or a corporate network. "It is one of those cases where software can destroy hardware," Lynn said.

IOS had been perceived to be impervious to such attacks, which is why a wake-up call was needed, Lynn said.

"Nobody really considered until Wednesday that this was possible," he said. The theft of Cisco's IOS source code also increases the chances that criminal hackers are working on exploits, he said.

Lynn acknowledged that his talk may actually help criminals in finding ways to attack Cisco routers.

"I gave maybe 5 percent of the information required to actually do what I did," he said. "The first guy who did it is sort of in some way responsible for all the other people who do it."

Several Black Hat attendees suggested that with the information provided by Lynn, skilled security researchers would have little trouble reproducing his attack.

What's important now is that Cisco fixes the underlying problem in IOS and prevents the problem in future versions of the software, Lynn said.

Lynn quit his job as a researcher at ISS to deliver the presentation after ISS had decided to pull the session. Notes on the vulnerability and the talk, "The Holy Grail: Cisco IOS Shellcode and Remote Execution," were removed from the conference proceedings by Cisco, leaving a gap in the thick book.

ISS wanted to cancel the session because the research was premature and would be presented at a later security conference, an ISS representative said Wednesday.

After the talk, Lynn retained attorney Jennifer Granick in the face of legal action by his former employer ISS and Cisco. Granick is the executive director of the Stanford Law School Centre for Internet and Society.

"Without her help I would be in some really serious trouble," Lynn said on Thursday.

Cisco said in a statement on Thursday that it is "gratified" by the agreed injunction. It prevents further disclosure of information that could help create an attack on critical network infrastructure, the networking giant said.

"It is Cisco's opinion that the method Mr. Lynn and Black Hat chose to disseminate this information was not in the best interest of protecting the Internet," Cisco said.

Cisco plans to release a security advisory on the issue within the next day, it said.

The actual flaw Lynn exploited for his attack was fixed by Cisco in recent releases of IOS. Users of the latest versions are not vulnerable, Lynn and Cisco said. However, Lynn cautioned in his talk on Wednesday that new IOS flaws could be exploited for similar wide-ranging attacks.

Talkback

I ask readers across the Internet to write to John T. Chambers, President of Cisco Systems regarding Black Hat conference and Michael Lynn Saga. Since then things at Cisco Systems moved in the negative direction. Among the negative happenings at Cisco the following stand out. 1. Cisco used its legal muscle for Lynn to voluntarily agree to a permanent injunction, 2. agree to refrain from participation at Black Hat Conference, 3. Chambers issued a statement that Lynn was silenced because he had obtained the vital information illegally and had to be silenced, 4. Cisco issued a bah humbug patch to cure the flaw disclosed by Lynn.

This is not the way a CEO of a major multinational should act. He can't silence a researcher after his result uncovers negative information. People can't trust Cisco. Nobody knows how good the patch issued by Cisco is if people can't talk about if the patch is useless. Microsoft issues daily patches to Windows operating systems. I know because I've Windows XP.

The least that Chambers should have done is to 1. vacate the temporary injunction, 2. hire the researcher Michael Lynn back and 3. assure the world that he is as concerned about the matter as Michael Lynn is.

John T Chambers can't be trusted. He has to go, not Michael Lynn the researcher.

I ask every reader to write to John T Chambers asking him to resign as Cisco CEO and telling him you are writing to every Director to fire him if he does not resign.

I'm listing below the names of every Director of Cisco Systems and his address. Please write asking him to fire John T. Chambers if he does not resign.

Address of John T Chambers, CEO Cisco Systems, 170 West Tasman Drive, San Jose, CA 95134-1706

His Telephone number 408-526-4000

Names and Addresses of Director of the Board of Cisco Systems

1. Jerry YANG, Yahoo Co-founder 701 1st ave, Sunnyvale, CA 94089

2. Donald T Valentine, Partner and Co-founder of Sequoia Capital, 3000 Sandhill Rd Building 4, Suite 180, Menlo Park CA 94025

3. Steven M. West, Partner and Founder of Emerging Company Partners LLC 551 Lantern Court, Incline Village, NV 89451

4. Richard M. Kovalevich, Director, C/O Barclays Global Systems, 45 Freemont St, 17th Floor, San Francisco, CA 94106

5. John P. Morgridge, C/O Cogent Communications Group, 1015 31 St, Washington DC 20007

6. Roderick C. McGeary, 1676 International Dr, McLean, VA 22102

7. James T. Gibbons, 10001 Louisiana St, Houston, TX 77002, second Address Professor, Research, Electrical Engineering Dept., Stanford University, Stanford, CA 94305

8. Michele M Burns, Exec VP, Mirant Corp., 1155 Perimeter Center West Atlanta, GA 30308

9. Carol Bartz, C/O Auto Desk, INC., 111 Mc Innis Parkway, San Rafael, CA 94903

10. John L. Hennessy, President, Stanford University, Stanford, CA 94305

11. James C. Morgan, Chairman, Applied Materials, 3050 Bowers Ave, Santa Clara, CA 95054

Please also write to the following parties that have voting agreements with Cisco for election of Directors:

1. H. Perry Barth, Chief Accounting Officer, NetSolve,
2. Jeffery Guillot, Vice President Development, NetSolve
3. Russel Sellers, Product Development, NetSolve
4. Jerry J. Quade, VP Human Resource, NetSolve
6. Richard Hamilton, VP, Service and Delivery, NetSolve
7. David P. Hood, CEO, NetSolve
8. Gregory K. Jones, VP Sales, NetSolve
9. Michael Guillard, Cornerstone Mgmt Profit Sharing Plan, P.O. Box 1203, Menlo Park, CA 94026
10. John McCarthy, Gateway Venture Partnership 8000 Maryland Ave #1190, St. Louis, MO 63105
11. Guillard Family Trust, P.O. Box 1203, Menlo Park, CA 94026
12. George N Gregoise, Rancher, Editor, Columnist, CIO Magazine
13. Spectra Enterprise Resource LP, 1119 St. Paul St., Baltimore, MD 21202
14. Howard D. Wolfe Jr., General Partner of Venture Partners I LP; New Venture Partners LP, New Venture Partners II and III LP, 1119 St. Paul, Baltimore, MD 21202
15. James J. Zucco, Corzente, Inc., 444 Madison Ave,

via Facebook 30 July, 2005 21:54