ISS attacks news sites

Found on The Inquirer on Sunday, 31 July 2005
Browse Censorship

Michael Lynn made some well reported comments about a Cisco vulnerability at a recent Black Hat conference. His presentation was being shown at sites like www.infowarrior.org.

Infowarrior took down the presentation over the weekend after getting a nasty letter from ISS. The letter said that not only was Lynn being sued by Cisco and ISS, the two had also called in Inspector Knacker of the Yard to investigate alleged industrial espionage by Lynn.

Copies of the 1.9MB PDF file have popped up on a number of websites, after Cisco first pressured Lynn's former company Internet Security Systems (ISS) into removing the presentation from the line-up at the Black Hat security conference in Las Vegas.

One of the things that is really strange about this, is that people who have seen the presentation say that Lynn demonstrated how the flaw could be exploited but obscured much of the technical details that an attacker would need to know to pull it off.

History proves that many mix up things when it comes to censoring the Internet. These actions draw attention to what Cisco is trying to hide, and all the media coverage makes more and more interested in the flaw. I guess there is now a whole bunch working on an exploit for IOS, something Cisco wanted to avoid. While it may be possible to some extend to hold back the information from the majority, it's the minority that will try to exploit it. Plus, the way how Cisco handled the problem might scare others to make bugs public, effectively leaving holes unfixed.