Create an Account
username: password:
  MemeStreams Logo

Cisco's poetic comeuppance begins


My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Dagmar's topics
  Sci-Fi/Fantasy Literature
  Role Playing Games
  Video Games
   PC Video Games
   Console Video Games
   Multiplayer Online Games
Health and Wellness
Current Events
Local Information
  Politics and Law
   Internet Civil Liberties
   Intellectual Property
   Computer Security
   PC Hardware
   Computer Networking
   Computing Platforms
   Software Development
    Open Source Development
    Perl Programming

support us

Get MemeStreams Stuff!

Cisco's poetic comeuppance begins
Topic: Activism 10:37 pm EDT, Aug  1, 2005

SecurityFocus has some coverage about what the other hackers who are not Mike Lynn are doing about the Cisco campaign to keep people in the dark. They're trying to figure out what Mike Lynn figured out, if for no other reason than to spite Cisco.

Let's hope this ends well. Lynn is a level-headed guy who knew the seriousness of what he'd discovered. The issue demanded attention, but attention of a responsible sort (which is why Lynn didn't just publish a proof-of-concept exploit some months ago, and why you're still able to read this right now). Cisco has drawn *huge* amounts of attention to a problem they haven't addressed yet, and given people plenty of incentive to do something rash just to prove a point. Part of the problem is summed up in the quoted text below, and it's going to hurt Cisco like their lawyers would never have thought possible.

"By serving takedown notices in response to such situations, a company demonstrates clearly that it is more concerned with preserving its commercial interest in intellectual property than fostering community awareness and knowledge pertaining to critical Internet security issues," Forno said an e-mail statement.

Of course, what their lawyers are probably banking on is being able to say "It wasn't *us* that did it." after the Internet burns to the ground, but I strongly suspect that if lawyers weren't so interested in myopically "protecting the interests of shareholders" to the exclusion of what makes sense for keeping the Internet as a whole safe. Had Cisco's lawyers not decided to intervene so heavy-handedly, this would have probably blown over, gotten patched, and become just another milestone event in security research--and basically Cisco would have come out of it smelling like roses. Stockholders don't care whether or not an incident or two occurs, and only slightly less than do the equipment purchasers who are the people Cisco should be truly concerned about. The way things stand now, there's thousands of hackers out there who are extremely incensed and motivated to do something to demonstrate their displeasure with the situation.

Here's to hoping that won't involve a Blaster-like event.

Cisco's poetic comeuppance begins

Powered By Industrial Memetics