| |
| Current Topic: Technology |
|
Network World | Cisco nixes conference session on hacking IOS router code |
|
|
|---|
| Topic: Technology |
9:55 pm EDT, Jul 27, 2005 |
A presentation called “The Holy Grail: Cisco IOS Shellcode Remote Execution” was slated to run at the Black Hat conference in Las Vegas this week. But Internet Information Systems and Cisco, the companies presenting the segment, decided to pull the presentation after discussions between the two firms.
As noted in my previous meme, Lynn did wind up giving his talk. Although he had to resign from ISS to do so. According to Jeff Moss, CEO of the Black Hat Conference, Cisco on Monday said it would go to court for a restraining order to stop Black Hat from distributing materials on the IOS presentation already submitted by ISS and Cisco and published in the 1,000-page conference program. Moss said that Cisco supplied personnel, with razorblades in hand, to cut out 15 pages of material from 2,500 Black Hat conference show guides that detailed the company’s research.
No word if Cisco or ISS is going to attempt any legal action against Lynn. According to a rumor circulating at the conference this week, the U.S. Department of Homeland Security was involved in asking Cisco and ISS to change its findings for security reasons. Cisco and ISS deny DHS involvement.
"Several agencies" have been in contact with Lynn regarding his research. Network World | Cisco nixes conference session on hacking IOS router code |
|
Wired News: Cisco Security Hole a Whopper |
|
|
|---|
| Topic: Technology |
9:30 pm EDT, Jul 27, 2005 |
Wired just posted the best article so far.. Here are some of the highlights:Lynn likened IOS to Windows XP, for its ubiquity. "But when there is a Windows XP bug, it's not really a big deal," Lynn said. "You can still ship (data through a network) because the routers will transmit (it). How do you ship (data) when the routers are dead?" "Can anyone think why you would steal (the source code) if not to hack it?" Lynn asked the audience, noting that it took him six months to develop an attack to exploit the bug. "I'm probably about to be sued to oblivion. (But) the worst thing is to keep this stuff secret." "There are people out there looking for it, there are people who have probably found it who could be using it against either national infrastructure or any enterprise," said Ali-Reza Anghaie, a senior security engineer with an aerospace firm, who was in the audience. During his talk, Lynn demonstrated an attack in real time using his own router, but did not allow the audience to see the steps. The attack took less than a minute to execute. "In large part I had to quit to give this presentation because ISS and Cisco would rather the world be at risk, I guess," Lynn said. "They had to do what's right for their shareholders; I understand that. But I figured I needed to do what's right for the country and for the national critical infrastructure."
Wired News: Cisco Security Hole a Whopper |
|
Abaddon Drops The Bomb on Cisco |
|
|
|---|
| Topic: Technology |
9:23 pm EDT, Jul 27, 2005 |
Security experts view Black Hat as the premier event to discuss and explore Internet vulnerabilities. At this year’s event, Michael Lynn, a member of ISS’ X-Force R&D team, gave a talk Wednesday on vulnerabilities in Cisco’s IOS, but he did so only after resigning from ISS, according to a company spokesperson.
Lynn is MemeStreams user abaddon. Cisco’s statement added that Lynn’s presentation was not a disclosure of a new vulnerability or a flaw with Cisco IOS software, but an exploration of “ways to expand exploitations of existing security vulnerabilities impacting routers.”
Cisco PR is spinning at top speed right now. Lynn did infact demonstrate the remote injection of shellcode to a Cisco router. Lynn is able to make a Cisco router connect back to his attack host with an enable shell. For those unfamilar with Cisco routers, that basically means its possible to hack the router and get full control of it. This is not a DoS attack. This is a full on compromise. This is basically the bug that could be used to take down the Internet. No bullshit. Abaddon Drops The Bomb on Cisco |
|
|
|---|
| Topic: Technology |
8:09 pm EDT, Jun 12, 2005 |
] Reenie's head chip woke her by steadily increasing
] the perceived volume of a song by a British comedy
] troupe. Lots of trippy dreams last night. She
] couldn't remember them all this morning, but she was
] sure they were cool. She rolled out of bed and prepared
] for her "Commute" to the adjoining room. Reenie
] loved her job, well, as much as she could love any job.
] She got to work from home as much as she liked. If you liked "Ownz0red" by Cory Doctorow, which many of you did, you will definitely like this quick little 10 minute read. Futurismic: Fiction |
|
|
|---|
| Topic: Technology |
3:22 am EST, Nov 19, 2004 |
] Google Scholar enables you to search specifically for
] scholarly literature, including peer-reviewed papers,
] theses, books, preprints, abstracts and technical reports
] from all broad areas of research. Use Google Scholar to
] find articles from a wide variety of academic publishers,
] professional societies, preprint repositories and
] universities, as well as scholarly articles available
] across the web. So far, I am pretty impressed. I do literature searches pretty much daily in my job, so more sites like this make my life much easier. I spend most of my time at Pubmed, but it is interesting to see what google catches that pubmed doesn't. I will definitly be keeping my eye on this. - Nano Google Scholar |
|
Wired News: Nano Killers Aim at Mini Tumors |
|
|
|---|
| Topic: Technology |
8:57 pm EDT, Jun 23, 2004 |
A company called Kereos is developing a pair of nanotechnologies to identify tumors that measure just 1 mm in diameter, then kill them with a tiny but precise amount of a chemotherapy drug. The technologies, if approved by the Food and Drug Administration, would not only find cancers in their earliest stages before they can do damage or spread, but also deliver a small amount of a drug targeted directly at tumors, which would cause little or no side effects. Pretty neat. Wired News: Nano Killers Aim at Mini Tumors |
|
Sony LIBRIe - The first ever E-Ink e-Book Reader : Handhelds : MobileMag |
|
|
|---|
| Topic: Technology |
6:46 pm EST, Mar 25, 2004 |
]
] Philips, Sony and E-Ink have come together to announce
] the Worlds first consumer application of an electronic
] paper display module in the Sony LIBRIé e-Book reader.
] The black and white ink-on-paper look of the plastic
] display film is 170 pixels per inch (PPI) and resembles
] newsprint. Holy shit! Sony LIBRIe - The first ever E-Ink e-Book Reader : Handhelds : MobileMag |
|
RE: Latest Ebook venture... |
|
|
|---|
| Topic: Technology |
5:32 pm EST, Mar 24, 2004 |
inignoct wrote:
] ] Royal Philips Electronics (NYSE: PHG, AEX: PHI), Sony
] ] Corporation(NYSE: SNE) and E Ink Corporation announced
] ] today the world's first consumer application of an
] ] electronic paper display module in Sony's new e-Book
] ] reader, LIBRIé, scheduled to go on sale in Japan in late
] ] April. This "first ever" Philips' display utilizes E
] ] Ink's revolutionary electronic ink technology which
] ] offers a truly paper-like reading experience with
] ] contrast that is the same as newsprint.
]
] [ This is an area I follow with some enthusiasm, since I love
] to read. I'm still not sure how i feel about ebooks...
] there's something missing in the sensual experience -- the
] texture of the page, the smell of ink and paper, the heft and
] solidity of a bound novel. I can't help but think that this
] line of thinking will expire, like most traditional modes, as
] current youth grow up with the new modalities. I see myself
] already becoming the oldster, lamenting the lost experience
] offerd by paper books, while the kids snicker about silly old
] men not being hip to the present. And I'm only 25. Anyway,
] I'm curious to see what the MS community thinks about all
] this.
]
] Leaving behind the philosophy, i think this device, as a
] product, needs to lose the keyboard, add a slick pen
] interface, and be wireless. Then it's existence as *the*
] newspaper is solidified... constant realtime updates to news
] content from the source(s) you choose, an easy means for
] annotation and bookmarking, clipping and forwarding news
] objects.
]
] The evolution towards Star Trek style tablets continues. -k] Kerry, I feel the same way. I love to read, and half of the passion of reading comes from the book itself. I love to be surrounded by books, and nothing is better than cracking open a new book, feeling it in your hands, the smell of the paper... You are right, the sensations would be missed. I can't say I am a proponent of ebooks, but at the same time, I can see how they would be useful. Take textbooks for example. With an e-textbook, instead of being years behind due to the slowness of publishing, e-textbooks could be updated in a moment, which could really be useful. By the time textbooks hit the shelves in the college bookstore, they are way behind. Anyway, I am oldskool and I always will be:) - Nano RE: Latest Ebook venture... |
|
