Re: A MUST READ!!!
From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 07/29/05
- Next message: Joe Peschel: "Re: Barcode Email"
- Previous message: Walter Roberson: "Re: Barcode Email"
- In reply to: Imhotep: "Re: A MUST READ!!!"
- Next in thread: Imhotep: "Re: A MUST READ!!!"
- Reply: Imhotep: "Re: A MUST READ!!!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Jul 2005 15:11:45 +0000 (UTC)
In article <bnrGe.54191$mC.13260@tornado.tampabay.rr.com>,
Imhotep <Imhotep@nospam.com> wrote:
:Todd H. wrote:
:>> http://www.securityfocus.com/n
:...the kicker is they are saying that software flaws fall under IP. That is
:crewed up as software flaws are unintentional....
No, Cisco is saying that information about the internal layout of
IOS is Trade Secret. The researcher's talk would have had to
describe essential features about the internal layout of IOS
in order to indicate how, given -any- buffer overflow, one could
consistantly take meaningful control of the device.
The internal layout of an operating system is valid IP.
Cisco wasn't objecting to the researcher publicising that
a single buffer overflow attack had been found: Cisco was objecting
that the researcher (who had access to NDA information) broke
NDA in revealing the internal organization of IOS to show how
classes of attacks would work against IOS.
-- The rule of thumb for speed is: 1. If it doesn't work then speed doesn't matter. -- Christian Bau
- Next message: Joe Peschel: "Re: Barcode Email"
- Previous message: Walter Roberson: "Re: Barcode Email"
- In reply to: Imhotep: "Re: A MUST READ!!!"
- Next in thread: Imhotep: "Re: A MUST READ!!!"
- Reply: Imhotep: "Re: A MUST READ!!!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
