On TV.com: HOUSE: Good Riddance, Cameron!
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 28 of 68:
Next »
« Previous
Get a clue
If you really think that he would quit his job for "15 minutes of fame", you really don't know much.

Mike Lynn has already had his "15 Minutes" of fame, over the past several years. Mike's knowledge, experience, and professionalism have been shown time and time again, with his dedication to doing the right things, for the right reasons.

For you to make disparaging comments about a collegue who has done so much for the security community at large, you either are ignorant of Information Security, or simply ignorant.

Mike exposed the vulnerability, without providing ANYONE the source code, in order to move a behemoth company into action. Cisco was aware of the problem late last year, announced a patch in March of this year, without addressing the actual vulnerability.

If you would read the rest of the press surrounding this event, you'll see that Cisco, ISS and Mike were working together to put the presentation together, and at the last minute, Cisco tried to stop the presentation, citing, "Premature release". How is working on the issue for over 9 months premature?

Look at Cisco's own public statement... http://www.cisco.com/en/US/about/security/intelligence/MySDN_CiscoIOS.html

where it says, "... the information presented at the Black Hat Conference yesterday was not a disclosure of a new vulnerability or a flaw with Cisco IOS software..."

So, how is he doing something "wrong"? He's exposing a weakness in the very structure of the internet. As a security professional, I would hope that ANY of my peers would do the same in the same position.

If the foundation of a skyscraper was weak, and you knew about it, would you keep it to yourself? or would you attempt to tell someone?

If you told someone, and they didn't do anything about it, what you do then? Would you pony up, and put your career on the line? or would you slink away, afraid of being labeled as a Spotlight Seeker?

Get a clue...
Posted by: jnoble@...   Posted on: 07/28/05 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

"not yet fully baked"  Roving_Reporter | 07/28/05
"Baked"  htotten | 07/28/05
Please...  ArtMac | 07/28/05
Please...give me a break  TN-Limey | 07/28/05
Lynn a criminal???  tonkica | 07/28/05
Yup  TN-Limey | 07/28/05
Just food for thought for a second  Xbeing | 07/28/05
Ummm...  ArtMac | 07/28/05
half-baked  linuxoverwindows | 07/28/05
java_p-your're stupid  phi_alpha_nu@... | 07/28/05
The issue  brichter | 07/28/05
Whistle Blower  wolf_z | 07/28/05
What if Microsoft did this?  jbburks | 07/28/05
No yawning here  John L. Ries | 07/28/05
have you hacked a cisco today?  linuxoverwindows | 07/28/05
IP violation  Carrion | 07/28/05
Are you quite certain?  dalecosp | 07/28/05
I'm sure a real hacker...  el1jones | 07/28/05
Flaws  Carrion | 07/28/05
Read the facts.  jnoble@... | 07/28/05
YOU read the facts  brichter | 07/28/05
Analogy issue here  Xbeing | 07/28/05
what is a r00ted box?  linuxoverwindows | 07/28/05
15 minutes.  jpfitz@... | 07/28/05
re:15 minutes  deepee912 | 07/28/05
If he is a hero  Xbeing | 07/28/05
If it's no big deal...  el1jones | 07/28/05
Get a clue  jnoble@... | 07/28/05
Whistle-blower, my a$$  brichter | 07/28/05
Why a 1 vendor solution is stupid  ITGuy04 | 07/28/05
Cisco certification  itpro_z | 07/28/05
Cisco certification  Loverock Davidson | 07/28/05
i need an employer that will pay for those happy  linuxoverwindows | 07/28/05
hear! hear!  linuxoverwindows | 07/28/05
Well...  ArtMac | 07/28/05
Well ...  dalecosp | 07/28/05
Yep, right here...  Grimm Reaper | 07/28/05
lol  linuxoverwindows | 07/28/05
MS Bashers  Too Old For IT | 07/28/05
Maybe they are too smart  ebrke | 07/28/05
IOS  jnoble@... | 07/28/05
Cisco hits back  Mugsy_z | 07/28/05
Let's keep such things underground, shall we?  Sxooter_z | 07/28/05
wink  dalecosp | 07/28/05
sure, cause then...  linuxoverwindows | 07/28/05
This is why all software should be Open Source  kokuryu | 07/28/05
Open Source Presumption  Too Old For IT | 07/28/05
Right ...  gary.douglas@... | 07/28/05
Easy picking.  papatator | 07/28/05
Bad News Supression  John L. Ries | 07/28/05
Hmm, that's an interesting thought....  dalecosp | 07/28/05
Security by Obscurity  Dr_Zinj | 07/28/05
Did I miss something?  Xbeing | 07/28/05
Thanks  TN-Limey | 07/29/05
when you use the law to cover your sorry butt  toxicfreak | 07/28/05
what??  sirsully | 07/28/05
Re: when you use the law to cover your sorry butt  webster_z | 08/01/05
Cisco and the jerk  TN-Limey | 07/28/05
He didn't reveal anything new  george_ou | 07/28/05
Why  TN-Limey | 07/28/05
Right on, Limey - Re: Cisco and the jerk  webster_z | 08/01/05
If one can figure it out anybody can  xkmail | 07/28/05
Black Hat to be commended for efforts to expose cisco and all other flaws  samm_z | 07/28/05
Are they 'bugs' or 'humans'?  mtn.brk@... | 07/28/05
non-disclosure  sandbagger | 07/28/05
Learn that which you speak about  jnoble@... | 07/28/05
cisco, injunction  jef124c41 | 07/29/05
Both Cisco and BHS are right from there point of view  alfresco_0101@... | 08/04/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement