, SecurityFocus 2005-07-27
LAS VEGAS -- Networking giant Cisco and security company Internet Security Systems filed for a temporary restraining order on Wednesday against the management of the Black Hat Conference and a security expert who told conference attendees that attackers can broadly compromise Cisco routers.
Expand all |
Post comment
Cisco, ISS file suit against rogue researcher
2005-07-28
Alexey Vesnin (2 replies)
Alexey Vesnin (2 replies)
Re: Cisco, ISS file suit against rogue researcher
2005-07-28
Anonymous (1 replies)
Anonymous (1 replies)
no good deed?
2005-07-28
Anonymous (3 replies)
Anonymous (3 replies)
I don't think it matters who's company you work for or what 'stage' you set, if you find companies or the government playing games with critical information that threatens national security then you should bring it to the attention of the public. I don't think it matters who's salary you are under.
It sounds like he took the best steps he could in order to let his company and Cisco address his findings and they refused.
I can see how this may affect both ISS and Cisco's businesses negatively unfortunately one companie's profits can't override other companies and national security.
I don't think suing people into keeping quiet about critical flaws in nationally sued products is the right answer.
If the baby seats in your car had a critical flaw that a company refused to address, would you rather the researcher stay quiet and let your child potentially die or would you rather he resign and tell the public? While we can make the argument that noone's life should be at stake by these flaws in networking hardware I don't believe that there is any difference in either situation.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11259/33015#33015