Linked by Andrew Youll on Sat 30th Jul 2005 14:44 UTC, submitted by phaceton
Privacy, Security, Encryption A security expert has agreed never to repeat what he knows about various flaws in Software from networking giant Cisco.
Thread beginning with comment 11395
To read all comments associated with this story, please click here.
Let me get this straight
by on Sat 30th Jul 2005 18:41 UTC

Member since:

Cisco has had 4 months to fix the bugs. They decided to use a general purpose CPU for IOS (MIPS) knowing the consecuences of doing this. And now they want to pretend the problem doesn't exist by means of security through obscurity and legal threats. Information in itself is not bad. It's irresponsible vendors like Cisco and the proprietary Microseft with de facto monopolies that are harmful. Once a bug is discovered a large percentage of critical systems can be pwn3d before you can say Microseft. And that is why software/hardware monocultures are so bad.

Reply Score: 0

RE: Let me get this straight
by nemith on Sun 31st Jul 2005 15:34 in reply to "Let me get this straight"
nemith Member since:
2005-07-28

The bug was fixed... four months ago. Although the tecnique used to inject the shell code could be used with future exploits.

I am sure Cisco isn't "pretending" that the problem doesn't exist.

Reply Parent Score: 1