Full Story Full Story







0
PRESS RELEASE

Statement on Federal District Court Injunction (Black Hat Presentation)

SAN JOSE, Calif., July 28, 2005: Cisco Systems' response to the Federal District Court's issuance of a permanent injunction against Michael Lynn and Black Hat, Inc. from further disclosure of code and code pointers that could aid in the development of an exploitation of a network infrastructure:

We are gratified with the court's actions. Cisco and ISS took action only as a last resort, to stop continued irresponsible public disclosure of illegally obtained proprietary information.

Cisco's actions with Mr. Lynn and Black Hat were not based on the fact that a flaw was identified, rather that they chose to address the issue outside of established industry practices and procedures for responsible disclosure. It is Cisco's opinion that the method Mr. Lynn and Black Hat chose to disseminate this information was not in the best interest of protecting the Internet.

The court's order includes reference to the fact that ISS and Cisco had prepared an alternative presentation designed to discuss Internet security, including the flaw which Lynn had identified, but without revealing Cisco code or pointers which might help enable third parties to exploit the flaw, but were informed they would not be allowed to present that presentation at the conference. Once the stipulated permanent injunction is entered by the Court, Cisco and ISS will execute and file a dismissal of the Action against Michael Lynn and Black Hat, Inc.

In accordance with industry guidelines, Cisco, like other companies, generally does not release security notices until enough information exists to allow customers to make a reasonable determination as to whether or not they are at risk and how to mitigate possible risk. To clarify confusion caused by Lynn's irresponsible disclosure and resulting customer concerns, the company is following its standard process for disclosing security concerns. Cisco plans to communicate with its customers and partners by issuing a security advisory within the next day.

For press inquiries, contact Mojgan Khalili (business press) 408-489-4015 or John Noh (industry trade press) 408-242-3852.

For industry analyst inquiries, contact Lisa Caywood 408-857-3642.

Web Content Display Web Content Display
Web Content Display Web Content Display

Web Content Display Web Content Display

Stay Connected


Cisco Facebook @CiscoSystems on Twitter Cisco on Google Plus (+)
Cisco on LinkedIn Cisco on Pinterest Cisco on Youtube
Cisco - The Network RSS Cisco - The Network Podcast on iTunes Mynewswire Email - Cisco Newsletter
Web Content Display Web Content Display
img
Web Content Display Web Content Display
 
Web Content Display Web Content Display

Web Content Display Web Content Display

MyNewswire Subscription

Subscribe to MyNewsWire
Sign up now for free.

Our email newsletter, MyNewsWire, is your source for the latest Cisco news, press releases, features and videos. We'll help you stay up-to-date on technologies, events, innovations, and more. And now, you can get it as often as you like—free.