Dailydave mailing list archives

Re: No sellout. was: RE: Lynn / Cisco shellcode


From: byte_jump <bytejump () gmail com>
Date: Fri, 29 Jul 2005 17:02:52 -0600

On 7/29/05, Holden Williamson <limeyhaqr () gmail com> wrote:
> So what we can conclude from this, in total, is this;
>
> + Lynn joined ISS to save the world
> + Lynn left ISS to save the world
> + The world hasn't changed
>
> Am I getting everything or was there some ground-breaking threat
> and/or research that I blinked and missed?



I'm a bit more disposed to be positive about what Lynn did. The stuff
he discussed would be a heck of a lot scarier if "virtual processes"
were in common use, as Cisco is working toward.

My guess is that Lynn saw both sides of the coin here. He saw that the
execution of arbitrary code on a router is no longer theoretical, but
now is entirely possible. He also saw that Cisco had a massive freight
train speeding down the tracks (with a lot of organizational inertia)
in "virtual processes" that would make router exploitation so much
easier. He then likely saw that Cisco was going to sit on the stuff
(or be slow with it at least) mentioned in his BlackHat presentation,
probably until the "virtual processes" thing was complete. We'd really
be in a mess then, so rather than step in front of the train or stand
idly by, he let everyone know that, while things suck now, once the
train arrives, we'll all be in a world of hurt if this stuff isn't
fixed.

I think he did The Right Thing.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave

