The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Mike Lynn's 'exploit', in plain (non-technical) English

Posted by Xavier Ashe on August 4, 2005

There has been an almost unbelievable amount of hubbub lately about the
research that Mike Lynn gave a demonstration of at the BlackHat
conference last week, and there's been a positively dizzying amount of
“spin” applied to the media. Let me say one thing to everyone reading
this, right up front. What Lynn uncovered is a serious issue,
probably actually more serious than what the media is making it out to
be. While coverage on the issue is good (and useful to both “sides”)
the lack of actual accurate reporting on the issue isn't helpful to

Now, on to what is really the thing that makes the technical aspect of Lynn's research very dire indeed.
I've already said that Lynn did not find an “exploit” in the classic
sense of the term, and this is quite true. The code that is the result
of the research that Lynn demonstrated at BlackHat, used by itself, can't be used to do anything
to a router. It's more accurate to say that it works as an “exploit
enhancement”. There is also a fundamental misconception about the root
reason for Lynn's presentation. The message Lynn was attempting to get
out had very little to do with any particular vulnerability in Cisco's
products–the message was that one of the fundamental assumptions (that hardware-based firewalls are invulnerable to remote compromise attacks) that the majority of the internet uses to form their network availability policies is wrong. Lynn demonstrated rather clearly to the BlackHat conference attendees just how wrong it is.

Very good read on Dagmar's Blog

Here's to hoping things change for the better before some nutjob tries to go down in infamy.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: