Here's a PDF that purports to be Michael Lynn's presentation on Cisco's critical vulnerabilities ("The Holy Grail: Cisco IOS Shellcode And Exploitation Techniques"), delivered at last week's Black Hat conference. Lynn's employer, ISS, wouldn't let him deliver the talk (they'd been leant on by Cisco), so Lynn quit his job, walked onstage and delivered it anyway. (See yesterday's post
and Scheneier's take
1.9MB PDF Link
Update: Seb sez, "Cisco, Michael Lynn and ISS have all come to an 'arrangement'. It would seem all material pertaining to the flaw, the exploit and the talk are to be handed over to Cisco, who will presumably lock it all up and throw away the key. All videos of the presentation are to be handed over as well, and Lynn has been forbidden from talking at Black Hat or Defcon."
Michael Lynn, a former ISS researcher, and the Black Hat organisers agreed to a permanent injunction barring them from further discussing the presentation Lynn gave on Wednesday. The presentation showed how attackers could take over Cisco routers, a problem that Lynn said could bring the Internet to its knees.
The injunction also requires Lynn to return any materials and disassembled code related to Cisco, according to a copy of the injunction, which was filed in US District Court for the District of Northern California. The injunction was agreed on by attorneys for Lynn, Black Hat, ISS and Cisco.
Lynn is also forbidden to make any further presentations at the Black Hat event, which ended on Thursday, or the following Defcon event. Additionally, Lynn and Black Hat have agreed never to disseminate a video made of Lynn's presentation and to deliver to Cisco any video recording made of Lynn."
Update 2: Randi, a reader who claims to be an ex-coworker of Lynn's, and the girlfriend of Lynn's roommate, says, "A settlement with Cisco has been reached, but ISS is still pursuing criminal charges. The press doesn’t appear to know yet that the FBI is performing an investigation now, starting with seizing equipment from Michael and his roommates. On a happy note, Mike has received quite a few job offers, including from some places you wouldn't expect."
Update 3 Courtesy of James, Wired News's coverage of the FBI's investigation of Michael Lynn
Neglected public payphones in New York City are being turned into “GuyFi” stations: a place where one can rub one out for the sake of “stress relief.” Annalee Newitz reports on the wank booths from a company named “Hot Octopus”… The company reported that at least 100 men used the booth on its opening day […]
You’d be forgiven for thinking the videocassette format long-dead, but it turns out that Betamax is still around. Sony is finally going to withdraw tapes from sale, bringing a 40-year story to an end. The last recorders were sold in 2002. ベータビデオカセットおよびマイクロMVカセットテープ出荷終了のお知らせ [Sony; via The Verge]
A leaked Comcast memo discloses that the company’s consumer data caps have nothing to do with network congestion, contrary to its public claims. The internet service provider has often complained (such as when lobbying against net neutrality) that it must impose limits on service to prevent network congestion. The argument suggests that these measures are […]
It’s 2016 and we like our technology really small. Our phones fit in our pockets, our remotes are lighter than ever, and even our cars seem to be shrinking. So your new drone shouldn’t be an exception. This Axis VIDIUS Drone is 21% off right now and it’s so little, your biggest problem won’t be […]
You’ve heard the news: cyber security is the new and very scary frontier. Hackers are out there just waiting for you to relax for a second and let them in. But that’s not going to happen to you. With a lifetime premium subscription to ZenMate VPN, you’re completely protected from anyone out there who wants […]
Remember back to the time when people thought java was just a hip way to talk about coffee? Or you vaguely remembered from geography class that it’s an island in the South Pacific? We’ve come a long way since then and now that we’ve rocket blasted into the tech future, you’re going to need to […]