Cisco and the tobacco industry

Thu Jul 28 18:17:46 UTC 2005

Subject : RE: Cisco IOS Exploit Cover Up

On Thu, 28 Jul 2005, Geo. wrote:

> I think there is also a LOT concern about all the unpatched routers that
> remain unpatched simply because the admins don't feel like spending a week
> running the cisco gauntlet to get patches when you don't have a support
> contract with cisco. Its like cisco doesn't want you to patch or they would
> make it easy.
>
> Geo.

This is oh so true - contracts in order to patch your equipment. Normally
I would never mention the need for an authority to intervene on things
related to the Internet but how long will it be before the term "Digital
Pearl Harbor" is a reality.

Maybe it is time an authority figure steps in and makes some form of rules
for vendors to distribute fixes under some form of law. If this flaw of
Cisco's could lead to the kind of severe damage as Mr. Lynn claims,
shouldn't it fall on the shoulders of Cisco to get their act together and
provide a fix as opposed to sending in the hounds (legal shmoes via
lawsuit) to quash their problems.

I'm sort of taking a look at it from the tobacco company lawsuit stance
where the tobacco bigwigs would bury the truth in legal trash as opposed
to making things right. It's rather irresponsible behaviour on the part of
Cisco to avoid coming clean on this issue.

On matters of a public exploit and or the skill level necessary to create
an attack via whatever flaw Mr. Lynn spoke of: It is only a matter of time
before something is out there, so for some to criticize Mr. Lynn for being
a whistleblower, shame on you. I think he did a courageous thing.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
sil @ infiltrated . net | http://www.infiltrated.net
GPG Key ID 0x97B43D89
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89

To conquer the enemy without resorting to war is the most
desirable.  The highest form of generalship is to conquer
the enemy by strategy." - Sun Tzu