http://www.eweek.com/article2/0,1895,1882028,00.asp By Paul F. Roberts November 4, 2005 Updated: Security researcher Michael Lynn, made famous for exposing a major hole in Cisco's software, is now employed at Cisco rival, Juniper. Michael Lynn, the security researcher who made international headlines in July for blowing the whistle about a major hole in Cisco Systems Inc.'s software, has found employment at Cisco's chief rival, Juniper Networks Inc. A Juniper spokesman confirmed that Lynn works for the Sunnyvale, California, networking equipment maker, three months after he lost his job as a researcher at Internet Security Systems Inc. when he disregarded company requests to spike a presentation at the Black Hat Briefings Conference in Las Vegas about vulnerability in Cisco's IOS (Internetwork Operating System). Cisco issued a patch for the hole Lynn discovered on Wednesday. Cisco did not respond to requests for comment in time for this story. An ISS spokesman said the company had "nothing to add" to the story. Lynn was the subject of intense media attention and a lawsuit after his planned discussion of the vulnerability IOS at Black Hat, an annual hacker convention, turned into a stand-off between Cisco, Lynn and show organizers. Initially, Cisco forced conference organizers to physically remove notes on the IOS hole from conference proceedings and convinced Lynn's employer ISS to cancel the talk. Lynn agreed with the plan, then abruptly changed his mind, and resigned his position at ISS and presented information on the hole to a rapt audience. Lynn's talk prompted Cisco and ISS to get a California court to issue an injunction and temporary restraining order against Lynn and Black Hat Inc., demanding that Lynn and Black Hat stop disseminating information on the IOS hole, which Cisco alleged was illegally obtained. Lynn, Cisco and ISS reached an agreement shortly after the talk, with Lynn promising never to discuss the hole or present at Black Hat again, and to return all research materials relating to the hole to Cisco. Lynn then disappeared from view. In its patch Wednesday, Cisco acknowledged that IOS was vulnerable to what are known as heap-based overflows, in which portions of memory on Cisco routers are overwritten with malicious code. While Lynn's defiance of Cisco and ISS made him a folk hero within the hacking and security researcher community, many speculated that he could have trouble finding work, especially at security research companies like ISS that emphasize confidentiality. With Lynn now gainfully employed at Juniper, those concerns turn out to be unfounded. A company spokesman declined to say what Lynn's job was, or how long he had been working at the company, citing a company policy not to discuss individual roles and responsibilities. Bruce Schneier, founder and CTO of CounterPane Security Inc., said that Juniper may have picked the right man for the job, even if Lynn is a former hacker. "Smart companies hire the best person for a job," said Schneier. "Sometimes the best person for the job is a former hacker. And sometimes the best person for a job is someone who stood up for what's right against some pretty big companies." _________________________________________ Earn your Master's degree in Information Security ONLINE www.msia.norwich.edu/csi Study IA management practices and the latest infosec issues. Norwich University is an NSA Center of Excellence.
This archive was generated by hypermail 2.1.3 : Mon Nov 07 2005 - 00:17:05 PST