Globe and Mail: The truth about security
Mary Kirwan writes in The Globe and Mail:
Truth is often stranger than fiction, and never more so than in the world of IT security. The recent BlackHat security event in Las Vegas was a case in point, becoming the stage for a bizarre series of events.
Bemused attendees watched as Cisco and Internet Security Systems Inc. (ISS) tried to stop Michael Lynn, an ISS employee, from giving his scheduled talk on critical vulnerabilities in Cisco routers. Routers move data around the Internet, and Cisco owns the market for them. It has generally been assumed- naively so- that they are impervious to attack, so news that they are not is very bad news indeed.
These less than glad tidings, however dispiriting, would rarely qualify as front page news. But Cisco and ISS demurred. They secured an injunction to prevent Lynn from giving his talk, and his presentation was ripped from conference binders. The newly martyred Lynn duly quit his job at ISS, sallied forth and delivered his speech anyway, causing a veritable ruckus.
The entire affair was quickly dubbed 'Ciscogate', and made news around the world.
It also drew attention to a disquieting global trend that is gathering momentum. Software vendors are using copyright and trade secret laws to prevent researchers from revealing critical flaws in software products.