Create an Account
username: password:
 
  MemeStreams Logo

Consternation

search

nox
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

nox's topics
Sci-Fi/Fantasy Literature
Comedy
Games
Miscellaneous
Current Events
Tennessee
  Nashville
   Nashville Events
   Nashville News
(Technology)

support us

Get MemeStreams Stuff!


 
Current Topic: Technology

Router Flaw Is a Ticking Bomb | Mike Lynn Has Integrity^3
Topic: Technology 4:01 pm EDT, Aug  2, 2005

Wired has done a great interview with Mike. It should clear up a number of the questions people have had with recent events.

I would like to specifically point out one part of this interview:

WN: So ISS knew the seriousness of the bug.

Lynn: Yes, they did. In fact, at one point ... they apparently didn't get it, and they actually wanted to distribute the full working exploit very widely inside the company.... I was told ... "Give this to all the sales engineers and to all the pen testers."

WN: Why would they want you to do that?

Lynn: Well, because it bruises Cisco, remember? Mind you, this was something that Cisco hadn’t gone public with yet and that's not useful to pen testers because what do they advise their customers to do (to protect themselves if no information about the vulnerability has been released yet)?

I told them, "You do realize if you do that, it's going to leak?" And (one of the ISS guys) says, "That's Cisco's problem." And then (another ISS guy) turns to me and says that they need to understand this could be their Witty worm. I was like, Whoa, what meeting did I walk into?

(The Witty worm was a particularly aggressive and destructive code released by someone last year that targeted computer systems running a security program made by Internet Security Systems and even more specifically targeted military bases using the software. It infected more than 12,000 servers and computer systems in about an hour. Because of the worm's speed in spreading and its creators' apparent knowledge of who ISS' customers were, some security experts speculated that someone working for or connected to ISS might have been responsible for writing and releasing it.)

At that point, I told them all no, and they fought it and I resigned right there on the spot. And this was about a month ago.

I thought they were handling this in a non-ethical manner. Because it was just way too fast and loose with who can see this.... I mean, I don't even want people to see it now. (ISS talked him out of the resignation by agreeing to give him control over who could see or have the exploit.)

All I can say is WOW. A big "wow". Caps, bold, and feeling.

Anyone who says that Mike is not on the level needs to reference this. This says truly horrible things about ISS. This should cost them some serious reputation capitol.

One thing that Mike did a great job of in this interview is getting the idea out that in order to defeat the "bad guys", you must run faster then them. It is the only option.

Case in point, via the Wall Street Journal:

"The vulnerabilities are out there on the Net in full broadcast mode," said Gilman Louie, a tech-industry veteran who heads In-Q-Tel, a venture-capital firm backed by the Central Intelligence Agency. "The bad guys get to it faster than everybody else. I'd rather have disclosure and let everybody respond."

Disclosure is a great thing, but it must be done properly. I would argue that Mike did it properly. I would argue that he has displayed the best kind of ethics through this entire mess. Given the content of this Wired interview, I would argue that ISS has its head up its ass.

Router Flaw Is a Ticking Bomb | Mike Lynn Has Integrity^3


mCatalog - prettay...
Topic: Technology 10:09 am EDT, Oct 14, 2004

mCatalog is a new app that I ran across that is used to catalog movies and books. It looks rather useful.....and it has a very OSX OMG PRETTAY!!! interface.

mCatalog - prettay...


It's like X-ray specs.....but not
Topic: Technology 7:30 am EDT, Apr  7, 2004

"The days of dull, grey concrete could be about to end. A Hungarian architect has combined the world’s most popular building material with optical fiber from Schott to create a new type of concrete that transmits light."

It's like X-ray specs.....but not


IBM gets AS/400 running on PSone
Topic: Technology 2:16 pm EDT, Aug  6, 2003

Many people wondered why there was a push to run Linux on the Xbox. If you thought they were crazy, meet their leaders.

IBM gets AS/400 running on PSone


omfg Toshiba Satellite P25 is huge lol!
Topic: Technology 8:15 am EDT, Jul  3, 2003

Where's the really tiny one for Yao Ming to use?

[inside joke]
This is a Randy sized laptop.

Spring Break 2002, baby!
[/inside joke]

omfg Toshiba Satellite P25 is huge lol!


Elonka.Com - Steganography
Topic: Technology 10:31 pm EST, Nov 15, 2002

this is elonka's talk on steganography from phreaknic. elonka is a bad ass cypher freak. the slides are well worth 15 minutes of your time. some reasonable thought about the likelyhood that al-q actually used stegaNography in images tO conceal Their plans for 911. jonnyx's goggled face offers clear evidence that universities that have searched for stego on the web and not found it simply have not tried hard enough. the reader is left to ponder the possible.

Elonka.Com - Steganography


 
 
Powered By Industrial Memetics
RSS2.0