Black Hat, Lynn Settle with Cisco, ISS
Posted by Andrew Brandt | Friday, July 29, 2005 4:04 PM PT
At the conclusion of the Black Hat Briefings yesterday, embattled security researcher Michael Lynn disclosed the agreement he and the conference made with Cisco Systems and Internet Security Systems concerning his presentation on Cisco software vulnerabilities.
In a press conference, Lynn defended his controversial decision to make a presentation Wednesday morning on what Lynn calls a very serious security loophole in Cisco's router software. Neither Cisco nor ISS participated in the press conference, but Cisco has released a brief statement describing Lynn's presentation as an "irresponsible public disclosure of illegally obtained proprietary information."
Under the terms of a permanent injunction, sought by both Cisco and Lynn's former employer, ISS, Lynn must give the companies all of his research materials, including the presentation slides, his notes, and proof-of-concept software Lynn wrote that he used during his presentation. Black Hat must give Cisco the videotape of the presentation made by the conference's audio-visual contractor. Parts of the presentation have already been posted on security Web sites.
The resolution capped a tense day of negotiations between lawyers representing Cisco, ISS, Lynn, and the conference. Here are a few other memorable moments from the conference that the Cisco story overshadowed:
USB Hardware Hacker
Darrin Barrall, an R&D Engineer with SPI Dynamics, shows off his custom-built USB hacking device. In a session Wednesday titled "Plug and Root: The USB Keys to the Kingdom," Barrall, along with colleagues David Dewey and Caleb Sima, described and demonstrated how malicious hackers could install keylogging software, steal information, or crash computers by inserting custom-built USB devices into computers.
Security researcher Kevin Mahaffey makes a final adjustment to a series of radio antennas; Mahaffey used the directional antennas in a demonstration during his presentation, "Long Range RFID and its Security Implications." Mahaffey and two of his colleagues demonstrated how he could increase the "read range" of radio frequency identification (RFID) tags from the typical four to six inches to approximately 50 feet. Mahaffey said the tags could be read at a longer distance, but he wanted to perform the demonstration in the room where he gave the presentation, and that was the greatest distance within the room that he could demonstrate. RFID tags such as the one Mahaffey tested will begin to appear in U.S. passports later this year or next year.
Caught in the Middle
Black Hat Briefings CEO Jeff Moss takes a moment to relax during the Michael Lynn press conference. Moss' company was caught in the middle of the dispute between Cisco, ISS, and Lynn. One day before the conference was set to begin, Cisco hired temps to tear pages out of the conference proceedings book, and Moss had to scramble to press new proceedings CDs that lacked Lynn's presentation slides.