Boing Boing: Michael Lynn's controversial Cisco security presentation
Over on Boing Boing:

[snip]
Here's a PDF that purports to be Michael Lynn's presentation on Cisco's critical vulnerabilities ("The Holy Grail: Cisco IOS Shellcode And Exploitation Techniques"), delivered at last week's Black Hat conference. Lynn's employer, ISS, wouldn't let him deliver the talk (they'd been leant on by Cisco), so Lynn quit his job, walked onstage and delivered it anyway. (See yesterday's post and Schneier's take for more). 1.9MB PDF Link
[snip]

http://www.boingboing.net/2005/07/29/michael_lynns_contro.html

I think these guys better prepare for the "slashdot effect"... :-)

- ferg

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg@netzero.net or fergdawg@sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/
At 2:19 PM +0000 2005-07-29, Fergie (Paul Ferguson) wrote:
http://www.boingboing.net/2005/07/29/michael_lynns_contro.html
I think these guys better prepare for the "slashdot effect"...
The guys at cryptome.org have a long history of archiving documents that others in the business have found to be embarrassing, such as the CyberPatrol stuff. They have an archive of Lynn's PDF at <http://cryptome.org/lynn-cisco.zip>.

Personally, I'd trust their version a lot more than BoingBoing. I'm sure that lots of other mirrors will now pop up, too.

--
Brad Knowles, <brad@stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
At 6:44 PM +0200 2005-07-29, Brad Knowles wrote:
At 2:19 PM +0000 2005-07-29, Fergie (Paul Ferguson) wrote:
http://www.boingboing.net/2005/07/29/michael_lynns_contro.html
I think these guys better prepare for the "slashdot effect"...
BTW, the original slides are supposed to be at <http://www.infowarrior.org/users/rforno/lynn-cisco.pdf>. However, what's there now is currently a place-holder, although it does tell you that if you're looking for the original PDF file that you can still access that at <http://www.infowarrior.org/users/rforno/lynn-cisco1.pdf>.

All three of the copies of the slides I've downloaded so far have the same MD-5 hash, namely 559942447c88086fa1304c38f9d0242c. I'll try to dig up some SHA-1, SHA-1, and SHA-256 implementations to compare/contrast the different files.

--
Brad Knowles, <brad@stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
On Sat, 30 Jul 2005, Brad Knowles wrote:
BTW, the original slides are supposed to be at <http://www.infowarrior.org/users/rforno/lynn-cisco.pdf>. However, what's there now is currently a place-holder, although it does tell you that if you're looking for the original PDF file that you can still access that at <http://www.infowarrior.org/users/rforno/lynn-cisco1.pdf>.
The PDFs at infowarrior.org have been replaced with a letter from ISS's lawyers requesting the paper be removed (with the attached Injunction).

I guess it means we are all safe now.

--
Simon J. Lyall. | Very Busy | Mail: simon@darkmere.gen.nz
"To stay awake all night adds a day to your life" - Stilgar | eMT.
On Sat, 30 Jul 2005, Simon Lyall wrote:
On Sat, 30 Jul 2005, Brad Knowles wrote:
BTW, the original slides are supposed to be at <http://www.infowarrior.org/users/rforno/lynn-cisco.pdf>. However, what's there now is currently a place-holder, although it does tell you that if you're looking for the original PDF file that you can still access that at <http://www.infowarrior.org/users/rforno/lynn-cisco1.pdf>.
The PDFs at infowarrior.org have been replaced with a letter from ISS's lawyers requesting the paper be removed (with the attached Injunction). I guess it means we are all safe now.
I guess at this point ISS realizes their reputation is so deep in the shitter that nothing they do could make it worse.

-Dan
On Fri, 29 Jul 2005 23:16:39 PDT, Dan Hollis said:
I guess at this point ISS realizes their reputation is so deep in the shitter that nothing they do could make it worse.
Give it a week. :)

(It's obvious that the people calling the shots in this circus have either never heard of "Sklyarov", "deCSS", or "@Stake/Dan Geer", or have decided to out-do those. In either case, I'm willing to bet a large pizza with everything on it that Monday morning will bring a whole new set of PR miscues into play.. ;)

ObNANOG: the PDF now up on infowarrior also includes:

"Defendant Michael Lynn shall also: 13. Identify any websites (if any) 1) where he posted directly or indirectly the ISS presentation, his slides from the Black Hat 2005 USA July 27, 2005 presentation or decompiled Cisco code; or 2) where he is aware such information is posted. If such postings were made directly or indirectly by him, he shall have such postings taken down by 5:00 p.m., July 28, 2005 PDT."

I'm sure Monday will see subpoenas for Apache logs..... :)
participants (5)
- Brad Knowles
- Dan Hollis
- Fergie (Paul Ferguson)
- Simon Lyall
- Valdis.Kletnieks@vt.edu