[ISN] Cisco IOS Hacker Finds Work at Juniper

InfoSec News isn at c4i.org
Mon Nov 7 03:09:11 EST 2005


http://www.eweek.com/article2/0,1895,1882028,00.asp

By Paul F. Roberts 
November 4, 2005 

Updated: Security researcher Michael Lynn, made famous for exposing a
major hole in Cisco's software, is now employed at Cisco rival,
Juniper.

Michael Lynn, the security researcher who made international headlines
in July for blowing the whistle about a major hole in Cisco Systems
Inc.'s software, has found employment at Cisco's chief rival, Juniper
Networks Inc.

A Juniper spokesman confirmed that Lynn works for the Sunnyvale,
California, networking equipment maker, three months after he lost his
job as a researcher at Internet Security Systems Inc. when he
disregarded company requests to spike a presentation at the Black Hat
Briefings Conference in Las Vegas about vulnerability in Cisco's IOS
(Internetwork Operating System).

Cisco issued a patch for the hole Lynn discovered on Wednesday.

Cisco did not respond to requests for comment in time for this story.  
An ISS spokesman said the company had "nothing to add" to the story.

Lynn was the subject of intense media attention and a lawsuit after
his planned discussion of the vulnerability IOS at Black Hat, an
annual hacker convention, turned into a stand-off between Cisco, Lynn
and show organizers.

Initially, Cisco forced conference organizers to physically remove
notes on the IOS hole from conference proceedings and convinced Lynn's
employer ISS to cancel the talk.

Lynn agreed with the plan, then abruptly changed his mind, and
resigned his position at ISS and presented information on the hole to
a rapt audience.

Lynn's talk prompted Cisco and ISS to get a California court to issue
an injunction and temporary restraining order against Lynn and Black
Hat Inc., demanding that Lynn and Black Hat stop disseminating
information on the IOS hole, which Cisco alleged was illegally
obtained.

Lynn, Cisco and ISS reached an agreement shortly after the talk, with
Lynn promising never to discuss the hole or present at Black Hat
again, and to return all research materials relating to the hole to
Cisco. Lynn then disappeared from view.

In its patch Wednesday, Cisco acknowledged that IOS was vulnerable to
what are known as heap-based overflows, in which portions of memory on
Cisco routers are overwritten with malicious code.

While Lynn's defiance of Cisco and ISS made him a folk hero within the
hacking and security researcher community, many speculated that he
could have trouble finding work, especially at security research
companies like ISS that emphasize confidentiality.

With Lynn now gainfully employed at Juniper, those concerns turn out
to be unfounded.

A company spokesman declined to say what Lynn's job was, or how long
he had been working at the company, citing a company policy not to
discuss individual roles and responsibilities.

Bruce Schneier, founder and CTO of CounterPane Security Inc., said
that Juniper may have picked the right man for the job, even if Lynn
is a former hacker.

"Smart companies hire the best person for a job," said Schneier.  
"Sometimes the best person for the job is a former hacker. And
sometimes the best person for a job is someone who stood up for what's
right against some pretty big companies."





More information about the ISN mailing list