Miscellaneous

by Mike Masnick




Why Cisco's Attempt To Suppress Security Researcher Backfired

from the everybody's-hacking-now dept

Last week, we noted just how ridiculous it was that Cisco thought it could make the discussion of a massive security exploit disappear by ripping some pages out of a presentation, demanding all video tape from the presentation and getting the speaker to agree not to discuss the issue again. All that really did, in true Streisand Effect means, was make damn sure that a lot of security researchers have spent the whole weekend trying to break Cisco's software based on what they know. Yes, this would have gotten some attention if the original plans for a presentation had gone off as planned -- but Cisco's reaction drew that much more attention to it and made it quite clear that Cisco was really, really worried about it. You would have thought that the company would recognize how this response would play out, but apparently no one told them how the internet works on these types of issues.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    BG, 1 Aug 2005 @ 6:08am

    What if...

    What if they developed security software that was programmed to increased its security and complexity with every attempt to break into it? What if Cisco had did this and that they could go throught the Streisand effect and actually end up with a more formidable product intentionally? Maybe with every break-in, the code would change and build upon itself from the last attempt? This almost sounds as if it should exist already...

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous of Course, 1 Aug 2005 @ 10:54am

    Lawyers Making Money

    At least the lawyers are making money. On some mirrors the PDF from the presentation has been replaced by a threatening letter from a law firm representing Cisco. However the mirror in Russia is still up... imagine that. I'm sure Cisco is being billed for each usless letter and the wasted time spent trying to supress the information. That said, after reading though it I can see why the presentation has Cisco's underwear in a bunch. Although you'd think by now the smart people there would have anticipated such events and would be better prepared to handle them.

    reply to this | link to this | view in thread ]

  3. identicon
    Ivan Sick, 1 Aug 2005 @ 3:48pm

    Re: What if...

    The idea of evolutionary software is nice, but we're not they're yet. Nowhere close to AI period, much less the kind required for that. (I'm not saying we shouldn't be trying to get there, just that it couldn't happen today.)

    reply to this | link to this | view in thread ]

  4. identicon
    Nonesuch, 1 Aug 2005 @ 10:19pm

    Re: Re: What if...

    What if they developed security software that was programmed to increased its security and complexity with every attempt to break into it? What if Cisco had did this and that they could go throught the Streisand effect and actually end up with a more formidable product intentionally? Maybe with every break-in, the code would change and build upon itself from the last attempt? This almost sounds as if it should exist already...

    Sounds neat, but goes against how exploits are developed.

    Let's say that I want to take over Cisco 7200 class transit routers, one of the most common peers in the current BGP cloud. Do I start launching random attacks against live Internet routers at randomly selected universities?

    No!

    What I do is go out on eBay and dovebid and pick up a a few variants of the Cisco router I'm targeting, plug them into my 100% isolated from the Internet test lab, and start my cheap imported Russian hackers pounding away at them.

    So after a few weeks I have a tried and true exploit, without overly committing any crime, and without giving Cisco or any researcher with a sniffer on the backbone any sign of what I am developing.

    The term "0day" is generally used to refer to such an exploit only when it has been developed to fruition without even the underlying vulnerability being exploited having been revealed to the vendor nor the public.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.