Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cisco, US DOJ Fire Another Salvo At Peter Adekeye

Soulskill posted more than 3 years ago | from the when-in-doubt-double-down dept.

Crime 94

theodp writes "Citing the widespread practice of sharing passwords for expediency's sake, Cisco's Chief Security Officer proclaimed in 2007 that people 'need to be held accountable for their risk-taking,' noting that CEO John Chambers drives home the point that 'information security is everybody's responsibility' at Cisco. But instead of accepting responsibility after a Cisco employee provided his ID and password to ex-Cisco engineer Peter Alfred-Adekeye, the networking giant sic'ed the Feds on Adekeye, who was slapped with a five-count indictment by a Federal grand jury last week. Adekeye's crime, according to the Court filing, was using the login credentials the Cisco employee provided him with 'in excess of the specific use granted by the Cisco employee.' For his five downloads of different versions of Cisco IOS — four of which were launched within a 15-minute period in 2006 — the government is seeking a penalty of 5 years imprisonment for Adekeye, a $250K fine, and 3 years supervised release. It's the latest salvo fired in the war Cisco and US prosecutors have waged against Adekeye since he filed an antitrust suit against Cisco in December 2008."

cancel ×

94 comments

Sorry! There are no comments related to the filter you selected.

Way to save money Cisco! (1)

HockeyPuck (141947) | more than 3 years ago | (#37024758)

With all the recent layoffs [informationweek.com] that Cisco has had recently, you'd think they'd find a better way to continue to save money rather than axing employees and then taking the saved salaries and redirecting it to the lawyers.

Re:Way to save money Cisco! (1)

dragon-file (2241656) | more than 3 years ago | (#37024874)

But someone's wallet has to get fat off the decline of businesses.

Re:Way to save money Cisco! (1)

NoNonAlphaCharsHere (2201864) | more than 3 years ago | (#37024912)

Actually, they're planning on shipping most of the remaining jobs overseas. While simultaneously leading the lobbying charge to lower corporate tax rates.

Re:Way to save money Cisco! (1)

slick7 (1703596) | more than 3 years ago | (#37027470)

Actually, they're planning on shipping most of the remaining jobs overseas. While simultaneously leading the lobbying charge to lower corporate tax rates.

Nobody held Wall street accountable, nobody holds Congress accountable, surely, no one will hold the banksters accountable, corporate america will not be held accountable, only the American people will be held accountable and they will pay the price while the fat cat bastards take the money and run.

Re:Way to save money Cisco! (4, Informative)

erroneus (253617) | more than 3 years ago | (#37024924)

That's logic and reasoning. We'll have none of that and neither will Cisco.

It is plain for all who have been following this story that "Cisco" (or more likely, one or a few people within Cisco) really have it in for this guy who is an ex-employee (with much inside knowledge) and has sued the company for its actions and policies.

When the employee [who in my opinion, effectively represents the company] gave credentials to Adekeye for the purpose of access to download "whatever" then that is not unauthorized access. I find it easy to believe a grand jury delivered an indictment, however -- they are just juries and the prosecution always does its level best to pick the least brilliant people they can find to parrot the prosecution's position.

Also, I don't believe Adekeye will be stupid enough to enter the US after all the crap he has gone through so far because of Cisco. And even if he did come to the US to win his case and his defense, no one at Cisco will be held accountable for this ridiculous set of charges and no one at the DoJ will be either. It's beyond ridiculous and yet they are persuing this with a completely straight face.

Re:Way to save money Cisco! (2)

Zcar (756484) | more than 3 years ago | (#37025288)

I find it easy to believe a grand jury delivered an indictment, however -- they are just juries and the prosecution always does its level best to pick the least brilliant people they can find to parrot the prosecution's position.

It's also worth noting the difference between a Grand Jury and a Petit (Trial) Jury. A Grand Jury only hears the prosecutors side and only decides if there's enough evidence to proceed with a trial. It's not until a defendant is before the Petit Jury that he can offer evidence or attack the prosecution's evidence.

thanks for the excellent point. juries (1)

decora (1710862) | more than 3 years ago | (#37027120)

in a case like this will agree with user erroneous IMHO.

its sort of like the Drake case. the government is full of shit, but its really heavy sounding shit that makes you think Adekeye did something horrible.

then when you dig into the details, you find out, well, the government was just full of shit. and all of that heavy sounding tone was just some DOJ moron grandstanding and doing bullshit PR work to try to influence media coverage of the case.

Re:Way to save money Cisco! (1)

slashqwerty (1099091) | more than 3 years ago | (#37029348)

Along with that grand juries do not have to reach a unanimous decision. At the federal level [wikipedia.org] grand juries must have between 16 and 23 members. It only takes 12 to issue an indictment.

Also, grand juries are not screened for bias. The prosecutor does not have an opportunity to "pick the least brilliant people they can find".

Re:Way to save money Cisco! (0)

Anonymous Coward | more than 3 years ago | (#37025724)

The "damages" being sought are certainly ridiculous, there are a couple of points that you overlook.

First, whether the password came from withing or without Cisco isn't a factor in determining whether the access is "authorized." Phrases like "inside job" and "accomplice" come to mind. Unless Adekeye believe that he was being given authorization to download the material, his access was unauthorized. Unless the employee believed the same, he's equally culpable.

Also, there is something called "malicious prosecution" which may come into play if it turns out that Cisco is making things up. I'm sure that's a difficult case to push, though, considering that all trials are at the King's pleasure.

Re:Way to save money Cisco! (1)

Peristaltic (650487) | more than 3 years ago | (#37026002)

It's beyond ridiculous and yet they are persuing this with a completely straight face.

Think about it from a different perspective- Among the people I know, Cisco is believed to be near the bottom of the list when it comes to ethical business practices, in spite of their loud proclamations otherwise. Assuming this to be the case, the same management team that perpetuates this culture is sure to apply the same kind of ethics as they make an example of Adekeye, to discourage others from exposing their behavior as he did. From their point of view, it's probably money well invested- and besides, the government's spending the -real- money to get this guy... It's likely that Cisco only had to prime the pump with lobbying dollars to purchase influence, at a fraction of the true cost of prosecution.

I would say that it's similar in some ways to how the Mafia operates, which in turn shines a poor light on the Justice Department, an institution that seems to keep finding new ways to sink lower and lower (but Thank God they tried to save us from Roger Clemens). Then again, when you look at who they really work for, it's not much of a surprise.

Re:Way to save money Cisco! (1)

GameMaster (148118) | more than 3 years ago | (#37026060)

Actually, as far as I understand it, the civil trial between them has been over for a while now (unless Adakeye decides to sue Cisco for their abusive behavior while he was in Canada, but Cisco has no control over that). I'm pretty sure that this is all just a criminal case which means that the U.S. government gets to foot the bill for it.

Re:Way to save money Cisco! (1)

jimpop (27817) | more than 3 years ago | (#37027352)

It's the lawyers who are making these decisions. If you get rid of all the lawyers, these types of abuses go away, and the business can get back to doing what they do best.

Re:Way to save money Cisco! (1)

tehcyder (746570) | more than 3 years ago | (#37031572)

It's the lawyers who are making these decisions. If you get rid of all the lawyers, these types of abuses go away, and the business can get back to doing what they do best.

And what businesses do best in the absence of law and lawyers is screw customers, wreck the environment, and exploit their workforce.

Re:Way to save money Cisco! (1)

jimpop (27817) | more than 3 years ago | (#37032950)

Spoken like a true lawyer!

Re:Way to save money Cisco! (1)

HappyPsycho (1724746) | more than 3 years ago | (#37048834)

I think you can replace businesses with human beings and the statement will still hold.

The moral is... (1)

Issarlk (1429361) | more than 3 years ago | (#37024858)

use Cisco, go to jail.

At least that's what I'll remember of this story.

Re:The moral is... (1)

HappyPsycho (1724746) | more than 3 years ago | (#37050104)

I think a better analogy is "The Monkees are like the mafia. You're in for life. Nobody gets out".

Followed by: "You wanna fuck with me? Okay. You wanna play rough? Okay. Say hello to my little friend!" with a side of "If you can’t win by fighting fair, fight foul. Or have a third party do your fighting."

Probably the best explanation of this incident: "Ours is a government of checks and balances. The Mafia and crooked businessmen make out checks, and the politicians and other compromised officials improve their bank balances."

WTF ... (1)

gstoddart (321705) | more than 3 years ago | (#37024870)

For his five downloads of different versions of Cisco IOS â" four of which were launched within a 15-minute period in 2006 â" the government is seeking a penalty of 5 years imprisonment for Adekeye, a $250K fine, and 3 years supervised release.

So, an actual Cisco employee gave him his credentials, he logged into pull down the stuff he needed (and fairly quickly from the looks of it) and someone thinks that's worth 5 years in jail?

Charge the Cisco employee who gave him the password ... from the sounds of it, he did exactly what he was given the credentials for.

I don't get this. Are they alleging he illegally accessed the server? Or that he accessed more than he was supposed to?

google 18 USC 1030 (1)

decora (1710862) | more than 3 years ago | (#37024920)

behold the stupidity that is the federal computer law

Re:WTF ... (1)

dragon-file (2241656) | more than 3 years ago | (#37024940)

It clearly states that he exceeded what the username/password was given to him for. Like giving you a key to my house, so you can feed my dog. But then you use my computer while your there. I never gave you the key to my house so you could use my computer. So... 5 years in jail and $250k fine.

Re:WTF ... (1)

erroneus (253617) | more than 3 years ago | (#37025122)

CAR ANALOGY: (stop reading if you hate them(

If I give you the key to my car and you drive away with it and even leave the state, the MOST you are guilty of is a misdemeanor.

And tend to think the notion of "exceeding the purpose" is a matter of speculation at the very least and more likely a wild stretch of the imagination.

I can't even consider what was done, even if it were true, to be a criminal offence in the slightest. It may be a violation for the employee who is probably long since terminated, but that should have been the end of the story.

For the DoJ to get involved with this is ridiculous on its face. And for them to put this much weight behind such a weak case can only tell me that there is something very corrupt going on there.

you also said he couldnt use the toilet (1)

decora (1710862) | more than 3 years ago | (#37027144)

'hey dude could you watch my house and my dog?'

'sure dude. gimme the key'

'ok bro'

two weeks pass...

'dude you took a shit in my toilet!'

'uhmm yeah? so what?'

'so! you violated the toilet fraud and abuse act! im gonna sue you! im gonna sue you in england!'

Re:WTF ... (2)

drolli (522659) | more than 3 years ago | (#37025018)

If i trick (not saying it was the case here) an employee into giving me access to something then its still me who commits the crime.

Re:WTF ... (0)

Anonymous Coward | more than 3 years ago | (#37027314)

If, on the other hand, an employee comes up to you and says "here, take my login and password to do whatever you want", then it's NOT you who commits the crime.

Re:WTF ... (1)

Darinbob (1142669) | more than 3 years ago | (#37025726)

He's set up a competing consulting business, which is why Cisco hates him. He did not grab these versions because Cisco allowed him too and this was clearly unauthorized access (getting a key from an employee doesn't grant authorization to take whatever you want). So Adekeye seems in the wrong. But the Feds seems to be going nuts here and treating a minor infraction into a major felony. Some people at DOJ are clearly on Cisco's payroll.

Re:WTF ... (1)

HappyPsycho (1724746) | more than 3 years ago | (#37050208)

Last I checked, any CCIE or similarly qualified professional can access IOS images. I haven't seen anything about him downloading any file that is private / confidential to Cisco. These are files that they publish to use with their equipment, which is actually the heart of his anti-trust lawsuit.

Re:WTF ... (1)

HappyPsycho (1724746) | more than 3 years ago | (#37050306)

Bleh, I just re-read my comment and let me clarify.

The heart of his lawsuit is that you need to be one of these professionals or have a contract with them for access to the IOS images. And as someone who uses Cisco equipment, it is far from uncommon for a username / password to be issued on a per case basis to allow you to access a software image that can be tried to see if it solves your issue.

Re:WTF ... (1)

GameMaster (148118) | more than 3 years ago | (#37026100)

Yea, one of the things that the Canadian judge pointed to as being so absurd about the whole thing is their insistence on calling what any rational person would consider one offense (if it even qualifies as an offense at all) multiple separate offenses because accomplishing the "crime" took multiple attempts. It would be like charging someone with a separate count of breaking and entering for each, individual, swing of the axe it took to break the door down.

Re:WTF ... (0)

Anonymous Coward | more than 3 years ago | (#37038392)

If your teenage daughter loans her housekey to a friend so they can feed the dog one night while she goes out and sees a movie and that friend takes all the valuables from the house...who committed the crime?

Judicial intervention (0)

Anonymous Coward | more than 3 years ago | (#37024892)

At what point does a judge step in and (hopefully if he/she is sensible) but an end to these shennanigans?

What right does Cisco have to bring U.S. prosecutors over what is basically, in their world, a "violation" of the terms of use? Chrysler can't bring criminal a criminal suit against me if I drive my car like I'm in Project Gotham Racing.

Or is that another version of the MAFIAA?

Re:Judicial intervention (1)

NoNonAlphaCharsHere (2201864) | more than 3 years ago | (#37024956)

Four words: D M C A.

same bullshit law used against Drake and Manning (5, Insightful)

decora (1710862) | more than 3 years ago | (#37024900)

this is the Computer Fraud and Abuse Act, which basically makes it a Federal Crime to 'do anything we dont like, with a computer'.

it is overly broad and probably unconstitutional.

that is, if someone would challenge it's constitutionality in court.

if you dont know about the Thomas Drake case, google it

same for the specific counts against Manning (i.e. the 'collateral murder' video, well, they are trying to get him on the exact same paragraph here, 18 usc 1030 a 2)

Re:same bullshit law used against Drake and Mannin (1)

girlintraining (1395911) | more than 3 years ago | (#37025112)

this is the Computer Fraud and Abuse Act, which basically makes it a Federal Crime to 'do anything we dont like, with a computer'.

Fair enough, but there is no way anyone can say Cisco is being hypocritical and "not taking responsibility" for the leak, when anyone who works security will say authentication credentials have to be secure or no matter what system is used. That's the purpose of credentials, after all; to allow access.

anyone who works in a cube (1)

decora (1710862) | more than 3 years ago | (#37027866)

has been told by their boss "oh just use my password... we applied to get you access 4 weeks ago but they still havent gotten back to us. and its off hours so nobody is there who can do it. and this has to be out by tonight"

and they dont get 5 years in prison for it

That's the least of Manning's problems (1)

MikeRT (947531) | more than 3 years ago | (#37025668)

The Computer Fraud and Abuse Act is just the tip of the iceberg for Manning. Unlike this guy, Manning has about 22 other charges against him, most of which pertain to violations of national security by someone in the military and/or holding a security clearance. The most serious one is "aiding the enemy" which that alone can get a soldier the death penalty.

The CFAA is just one of my tools they're using against Manning (assuming you are correct that it's a charge in his case). The prosecution could "quite magnanimously" drop it and Manning would still be so screwed he'd have no hope in hell of getting away with it.

read the charge sheets (1)

decora (1710862) | more than 3 years ago | (#37027092)

there are a large number of counts against him that are CFAA, or the military equivalent (my favorite: "using a computer for other than its intended purpose")

imho, the CFAA charges against manning are not the tip of the iceberg - they are the iceberg.

Aiding the Enemy is the shiny barber pole sticking in the top of the iceberg, that everybody notices. Those other charges are there for bullshit reasons, one of which is apparently to set a precedent where nobody is allowed to blog about taking a shit without being put in prison for 10 years.

Read related links (5, Informative)

mariushm (1022195) | more than 3 years ago | (#37024902)

Anyone reading this should also read how Cisco lied and got him arrested in Canada ... there's a link right below the description but I'm posting it again here as well:

http://www.techdirt.com/articles/20110722/02351315202/how-cisco-justice-department-conspired-to-try-to-destroy-one-mans-life-daring-to-sue-cisco.shtml [techdirt.com]

http://arstechnica.com/tech-policy/news/2011/07/a-pound-of-flesh-how-ciscos-unmitigated-gall-derailed-one-mans-life.ars/1 [arstechnica.com]

Re:Read related links (2)

eco2geek (582896) | more than 3 years ago | (#37025394)

Having read the Ars Technica story, I'm disturbed and maybe even a little frightened by the DOJ's actions against Mr. Adekeye. They're determined to take away his freedom and his money while acting as the muscle for Cisco's legal department.

This, along with other recent ridiculous cases, like the trumped-up charges against Aaron Swartz [slashdot.org] , have left me wondering, what can a US citizen do to change this situation?

Re:Read related links (0)

Anonymous Coward | more than 3 years ago | (#37025448)

"They will always have their Montag."

If they can intimidate you and make you stop, they will. If they later must do more to make you stop, and, in that process, deter others, they have done their job well...

fight back with humor and whimsy...

Re:Read related links (0)

Anonymous Coward | more than 3 years ago | (#37025522)

This, along with other recent ridiculous cases, like the trumped-up charges against Aaron Swartz [slashdot.org], have left me wondering, what can a US citizen do to change this situation?

Well, the soap-box and the ballot-box have utterly failed you ... I hesitate to suggest any other form of box.

Face it, your government and its agencies have become the extension of corporations ... the very same ones who are gutting your jobs, sending them overseas, and asking for tax breaks for themselves and the other rich people. You as a citizen are irrelevant.

The corporations are in charge ... Your government has sold you out.

Re:Read related links (0)

Anonymous Coward | more than 3 years ago | (#37025824)

Now you may understand why the underground rail road runs from the USA to Canada and not the other way around. Note that the statue of Libertas in the New York harbour is looking the wrong way. All of the USA is behind her back.

Re:Read related links (2)

Nadaka (224565) | more than 3 years ago | (#37025906)

You can leave the country. Its getting to the point where the most patriotic thing you can do is find a country that more aptly fits American ideals than the US does.

Re:Read related links (0)

Anonymous Coward | more than 3 years ago | (#37026326)

Aww.. where????? I have yet to find a country that won't extradite you to the US for violating at least SOME US law. Sadly we have no concept of jurisdiction any more or at least not what I think of when I think of jurisdiction. If you leave a jurisdiction there should be no possibility of extradition.

Re:Read related links (1)

Nadaka (224565) | more than 3 years ago | (#37026924)

I wasn't really considering extradition issues, which I probably should have considering the topic.

Re:Read related links (1)

SilentChasm (998689) | more than 3 years ago | (#37029254)

But if you leave the country, they'll just arrest you and bring you back.

Joking...
(only sort of)...
It's really depressing hearing about cases like this.

Re:Read related links (1)

DrBoumBoum (926687) | more than 3 years ago | (#37026682)

what can a US citizen do to change this situation?

Join Cisco's legal team - this will change the situation, at least for himself.

Re:Read related links (1)

tehcyder (746570) | more than 3 years ago | (#37031670)

what can a US citizen do to change this situation?

Thanks to the Constitution, aren't you legally entitled to shoot all the lawyers and politicians and create paradise on earth?

Huh? (0, Troll)

Anonymous Crobar (1143477) | more than 3 years ago | (#37024908)

But instead of accepting responsibility after a Cisco employee provided his ID and password to ex-Cisco engineer Peter Alfred-Adekeye, the networking giant sic'ed the Feds on Adekeye, who was slapped with a five-count indictment by a Federal grand jury last week.

Can someone explain to me why the company's CEO should be responsible for his employee wrongfully sharing his password? Disregarding the specific employee's fate for a moment (the link is dead at this time), how is "sic[ing] the Feds" an inappropriate response for someone who illegally penetrated their network?

For his five downloads of different versions of Cisco IOS — four of which were launched within a 15-minute period in 2006 — the government is seeking a penalty of 5 years imprisonment for Adekeye, a $250K fine, and 3 years supervised release.

Summary: Man penetrates corporate network with hot credentials, man copies software from illegally penetrated network, man complains when law enforcement gets involved.

It's the latest salvo fired in the war Cisco and US prosecutors have waged against Adekeye since he filed an antitrust suit against Cisco in December 2008.

Private citizens cannot file antitrust suits.

Insert comment about the quality of free slashdot submissions and obligatory lawn reference.

Re:Huh? (1)

OverlordQ (264228) | more than 3 years ago | (#37025000)

Can someone explain to me why the company's CEO should be responsible for his employee wrongfully sharing his password?

That's not what they're saying. They're saying that the person who shared the password should be responsible. Did you even read TFS?

Cisco's Chief Security Officer proclaimed in 2007 that people 'need to be held accountable for their risk-taking,' noting that CEO John Chambers drives home the point that 'information security is everybody's responsibility' at Cisco.

Re:Huh? (2)

Desler (1608317) | more than 3 years ago | (#37025088)

Who says they didn't punish that employee? Secondly, how does that change the fact that this guy did something he was not authorized to do? So if you give me a key to your house to bring in your mail I can steal your TV without any consequences since you gave me the key to the front door?

Re:Huh? (1)

Hydian (904114) | more than 3 years ago | (#37025246)

He was authorized. A representative of Cisco gave him credentials to use for that purpose. That Cisco representative may not have been authorized to grant said permission, but that is not Peter Alfred-Adekeye's fault.

Re:Huh? (1)

erroneus (253617) | more than 3 years ago | (#37025302)

Go back to Gamilus.

I would say that on the surface, the employee who gave him the credentials to log in and download whatever those credentials allow was a representative of Cisco and that the access Adekeye enjoyed was both authorized and legal. And if that's not the case, then NO access granted by any employee of a company short of the CEO or President of the company and signed by the company's attorney is subject to being considered unauthorized and illegal.

Re:Huh? (1)

berashith (222128) | more than 3 years ago | (#37025012)

im not clear on these points also. Is it true that every time i log in to my slashdot account I have penetrated a corporate network?

Re:Huh? (1)

tehcyder (746570) | more than 3 years ago | (#37031706)

im not clear on these points also. Is it true that every time i log in to my slashdot account I have penetrated a corporate network?

Yes, and that's the only time you hear the words "slashdot account" and "penetrated" in the same sentence.

*rimshot*

Re:Huh? (2, Insightful)

Registered Coward v2 (447531) | more than 3 years ago | (#37025022)

Summary: Man penetrates corporate network with hot credentials, man copies software from illegally penetrated network, man complains when law enforcement gets involved.

Not only that, but he was let into the network to recommend his company become a preferred partner of Cisco. Why he decided to d/l software he was not authorized to possess is beyond me, but you would think he would realize that was likely to piss off Cisco.

There is more to this story than meets the eye; Cisco would not bother to do this unless there was something else at stake. My guess is there was some concern about how he planned to use the information he had gotten; or over the initial establishment of his company.

Of course, at /. big corporation bad is the general response...

Re:Huh? (1)

NoNonAlphaCharsHere (2201864) | more than 3 years ago | (#37025102)

Because "corporate personhood" is a terrible idea? Because a corporation by definition must behave as a sociopath? Maybe that's why.

Re:Huh? (1)

tehcyder (746570) | more than 3 years ago | (#37031730)

Because "corporate personhood" is a terrible idea? Because a corporation by definition must behave as a sociopath? Maybe that's why.

You do know that corporations are only collections of actual human beings?

Re:Huh? (1)

Neil Watson (60859) | more than 3 years ago | (#37025286)

Money is the motivation. Very likely in the form of Multiven [multiven.com] . Mr. Alfred-Adekeye the founder and CEO of Multiven.

Re:Huh? (0)

Anonymous Coward | more than 3 years ago | (#37025358)

Yeah he was suing them for basically using their marketing power to only let cisco fix cisco equipment. He was basically cornered out of a job thru the use of the same thing intel and ms did for years.

It is simple retaliation. When he was arrested he was testifying against cisco. They actually arrested him in the middle of a court trial.

Don't trust one word from Cisco (5, Informative)

Quila (201335) | more than 3 years ago | (#37025370)

Normally I would, but Cisco has been proven to be complicit in lying and subterfuge in this case.

Check out the note above about what they did in Canada. They fed a boatload of lies to the DoJ which were then parroted to the Canadians to get him extradited here. The Canadian judge was PISSED when this was found out.

It was seriously evil and twisted. How's this: He is a British citizen traveling on a valid British passport. He sues Cisco. He lives in Switzerland and can't get back into the US legally until he resolves some immigration issues, which he has documentation he's been actively trying to do. So he can't come to the US to make a deposition in the case. Cisco doesn't want to go to Switzerland, so they arrange for Canada. Cisco/DoJ has him arrested and held for extradition in the middle of the deposition.

Here's a fun lie: The justification for this was that he refused to come into the US, so he had to be nabbed in Canada. But there is documentation showing he had been continually trying to come back to the US to run his company. A quick check with DHS would have shown the DoJ that Cisco was lying, but they didn't even bother. The judge in the antitrust case knew about the situation and had approved the Canadian deposition.

If they wanted him that badly, they could have just granted the visa, he would have entered the US, and he could have been arrested.

He's Nigerian by birth, but he had been a British citizen for years, and a successful executive with IBM, AT&T and then Cisco. Cisco brought him to the US on his British passport. Cisco then fed the DoJ a big story about this shady Nigerian who could flee at any moment if not nabbed in Canada and held there. Without checking, the DoJ passed this false story onto the Canadians.

I've read the Canadian court decision. It is downright scary what happened, Cisco colluding with the DoJ and lying to a sovereign country's courts in order to strongarm a person into giving up his antitrust suit.

More to the story (1)

Quila (201335) | more than 3 years ago | (#37025440)

It is the antitrust suit he had going against Cisco. Cisco had locked out any other company that might want to provide maintenance for Cisco products, and that was the business his company was in, so he sued. He had been gathering evidence to use in the case against Cisco, and of course Cisco didn't want that.

Re:More to the story (2)

Registered Coward v2 (447531) | more than 3 years ago | (#37025950)

It is the antitrust suit he had going against Cisco. Cisco had locked out any other company that might want to provide maintenance for Cisco products, and that was the business his company was in, so he sued. He had been gathering evidence to use in the case against Cisco, and of course Cisco didn't want that.

Separate from the supposed anti-trust actions of Cisco, why would anyone do something that could be used against them by someone they were suing? You're basically giving them the club to beat you with; if you really need that information you should try to get it through the legal process. I have no idea what his motivations were, it just strikes me as odd to expose yourself the way he apparently did knowing your opponent is a very large company who can buy boatloads of legal advice.

I didn't say it was a smart move (1)

Quila (201335) | more than 3 years ago | (#37026640)

He probably thought that a Cisco employee letting him in gave him some protection. It's not like he hacked or was even dishonest, basically asking a Cisco employee up front "can I use your account to see what I can get?" You don't do that if you have illegal purposes.

Sounds like he was playing private detective to discover what access engineers had, probably worried Cisco would switch around permissions if the info were asked for in the suit. Given that he would have had this type of access as a Cisco employee, I'm betting that he was checking to see if such access still existed for engineers, probably in response to Cisco saying engineers didn't have that kind of access.

Re:I didn't say it was a smart move (1)

Registered Coward v2 (447531) | more than 3 years ago | (#37028524)

He probably thought that a Cisco employee letting him in gave him some protection. It's not like he hacked or was even dishonest, basically asking a Cisco employee up front "can I use your account to see what I can get?" You don't do that if you have illegal purposes.

The problem is doing that and then accessing the network is illegal in and of itself. He was not authorized to use it once he left (an assumption since if he was he'd still have a id and pword) and then used someone else's login who probably was not authorized to allow him to use his login credentials. Unfortunately, in the end, he was no different than any social engineer who uses his or her skills to gain access by acquiring a legitimate set of login credentials by asking for it.

Sounds like he was playing private detective to discover what access engineers had, probably worried Cisco would switch around permissions if the info were asked for in the suit. Given that he would have had this type of access as a Cisco employee, I'm betting that he was checking to see if such access still existed for engineers, probably in response to Cisco saying engineers didn't have that kind of access.

If Cisco did that they would be in a world of trouble when it was found out. Courts don't take lightly destroying evidence or committing perjury. I was involve in a potential suit a while ago and the first thing our lawyers did was collect everyone's notes, disks, papers etc. pertaining to the issue and keep them safe so if they had to turn them over they could without any getting destroyed in the interim.

Re:I didn't say it was a smart move (1)

Quila (201335) | more than 3 years ago | (#37029042)

Unfortunately, in the end, he was no different than any social engineer who uses his or her skills to gain access by acquiring a legitimate set of login credentials by asking for it.

A social engineer has an element of deception. He flat-out asked for it.

If Cisco did that they would be in a world of trouble when it was found out. Courts don't take lightly destroying evidence or committing perjury

That's not all far-fetched given Cisco's abuse of the legal system in this fiasco. I'm betting Cisco had to swear to many of the outright lies used to try to have him held and extradited.

Re:I didn't say it was a smart move (1)

Registered Coward v2 (447531) | more than 3 years ago | (#37031392)

Unfortunately, in the end, he was no different than any social engineer who uses his or her skills to gain access by acquiring a legitimate set of login credentials by asking for it.

A social engineer has an element of deception. He flat-out asked for it.

I disagree that social engineering necessarily involves deception - it's simply using social skills to connect with the person who has the information you are seeking and convincing them to give it to you. Deception is not need to do that - you can often get what you seek simply by asking for it in a straightforward manner with, if asked, an honest explanation of why you want it. That said, he asked for it but then, according to TFA, used the information in a way that was not how he explained he planned to use it, so in this case I'd say it's not unreasonable to conclude he was being deceptive. Even so, being given someone's credentials, even if you simply asked them for it without being deceptive, does not authorize you to access their system; unless they have specific authority to grant you the right to use the credentials in such a manner.

At any rate, I think we both agree what he did was dumb considering he was in the midst of a lawsuit.

If Cisco did that they would be in a world of trouble when it was found out. Courts don't take lightly destroying evidence or committing perjury

That's not all far-fetched given Cisco's abuse of the legal system in this fiasco. I'm betting Cisco had to swear to many of the outright lies used to try to have him held and extradited.

Since it appears both sides have settled their differences nothing will probably come of it; unless the US Judge was sufficiently angered to decide to teach them a lesson. Unlikely, but a federal judge is not someone you want mad at you because of legal shenanigans.

Re:I didn't say it was a smart move (1)

Quila (201335) | more than 3 years ago | (#37043868)

Unlikely, but a federal judge is not someone you want mad at you because of legal shenanigans.

You should see the decision from the Canadian judge about Cisco's conduct and the complicity of the US government. Royally pissed off may adequately describe it.

proportionality (1)

decora (1710862) | more than 3 years ago | (#37025036)

because people do this all the time, (sharing passwords) at every company in america.

and 99.99999% of them dont get any jail time, and the federales dont care. they have better things to do, like going after Mara Salvatrucha and mexican drug lords.

it just is a bizarre coincidence when the one guy they do choose to go after just so happens to have been a small business man in competition with a behemoth that some would argue is guilty of violating the anti monopoly laws.

on the other hand i do agree with the rest of your post, the writing of the summary could be improved a great deal.

Re:Huh? (0)

Anonymous Coward | more than 3 years ago | (#37025052)

A CEO should never be responsible for any behavior of the corporation. That's is the whole point of a corporation to deflect responsibility.
Hot credentials seems a little prejudiced. I suppose he was being accomodating to consider using loaned credentials. It's likely if he insisted on legit credentials Cisco would have gvien the opportunity to someone else instead who would accomadate loaned credentials..

Re:Huh? (1)

Plunky (929104) | more than 3 years ago | (#37026568)

A CEO should never be responsible for any behavior of the corporation. That's is the whole point of a corporation to deflect responsibility.

Surely the purpose is to deflect responsibility from the investors, not the people who make the decisions directly..?

Better summary (1)

Quila (201335) | more than 3 years ago | (#37025090)

Cisco employee with valid credentials let's Adekeye log on for a few minutes to get what he needs. IMHO, firing the employee for a violation of policy is about the extent of the redress here.

Private citizens cannot file antitrust suits

Check out USC 15, Chapter 1, Section 15.

Re:Better summary (1)

Anonymous Crobar (1143477) | more than 3 years ago | (#37025174)

I stand corrected.

Re:Better summary (-1)

Anonymous Coward | more than 3 years ago | (#37025568)

oh, DO sit down.

Re:Better summary (1)

Desler (1608317) | more than 3 years ago | (#37025232)

Cisco employee with valid credentials let's Adekeye log on for a few minutes to get what he needs. IMHO, firing the employee for a violation of policy is about the extent of the redress here.

And why should the guy who used those credentials to do something he had no authorization for go unpunished? Sure, what Cisco is doing is definitely over the top, but the guy had no permission to be downloading the software he did. Do you find it okay for people you ask to come over to take things from your house and leave?

Re:Better summary (1)

NoNonAlphaCharsHere (2201864) | more than 3 years ago | (#37025390)

I have to agree with this. If I'm a bank employee who lets you in the back door, and you rob the place, BOTH of us are going to jail.

Re:Better summary (1)

Xaositecte (897197) | more than 3 years ago | (#37025434)

He WAS authorized. The only way he had of verifying that the employee wasn't authorized to give him what he needed.

If someone with the key to my house lets a stranger into my house and says, "take this stuff" - the stranger isn't criminally at fault, because he has every reason to believe the person with a key to my house is authorized to be in there and tell him to take stuff.

This is what a Canadian judge had to say (2)

Quila (201335) | more than 3 years ago | (#37025546)

After reviewing all of the facts of the case:

"Here we have a man who has no criminal record, who made every possible effort to comply with US immigration laws and procedures, but who dared to take on a multinational giant, rewarded with criminal charges that have been so grotesquely inflated as to make the average well-informed member of the public blanche at the audacity of it all"

Re:Better summary (1)

spire3661 (1038968) | more than 3 years ago | (#37026564)

Ahh, but he did not take, he replicated. It is a far less subtle distinction then most would like to admit. Taking involves depriving you your use of it.

Re:Huh? (0)

Anonymous Coward | more than 3 years ago | (#37025182)

Can someone explain to me why the company's CEO should be responsible for his employee wrongfully sharing his password?

Because they're the CEO?

Or is it that only when the corporation screws up/does evil, and profits, that the corporate veil applies, and protects the bad guys?

When something that management doesn't like happens, and the corp does not profit, then the corporate veil doesn't apply?

If the corp has a problem with what one of its parts did, maybe they should seek remedy from/fire that part/employee.

Re:Huh? (0)

Anonymous Coward | more than 3 years ago | (#37025990)

Try it another way.

Friend does *not* provide credentials, friend logs in personally on Alfred-Adekey's PC, and proceeds to download the software for him.

Now what do you say? Hmmmm?

Same difference in this place. Friend agrees with Alfred-Adekey's point of view, provides information to get data needed, and it is downloaded.

No difference between the two in this case.

Is this for real? (1)

oneiros27 (46144) | more than 3 years ago | (#37024962)

I got to the second page, when I saw they made a claim:

Cisco's website, www.ciso.com, acted as a gateway to both publicly available information ...

Did they even bother proof-reading it if they can't get the name of the company's domain name correct? This sort of sloppy work makes me wonder if the lawyers are incompetent, or if this is a joke.

Re:Is this for real? (1)

Pieroxy (222434) | more than 3 years ago | (#37025024)

This sort of sloppy work makes me wonder if the lawyers are incompetent, or if this is a joke.

Both maybe?

Whose wife did this guy fuck? (1)

spidercoz (947220) | more than 3 years ago | (#37025032)

Seriously, this passed sanity a long time ago, someone has a chip on their shoulder.

Re:Whose wife did this guy fuck? (1)

Mashiki (184564) | more than 3 years ago | (#37025104)

Everyone at Cisco and the DOJ? They seem to be lining him up for a pretty good ass reaming as it is.

Re:Whose wife did this guy fuck? (1)

ColdWetDog (752185) | more than 3 years ago | (#37025842)

Everyone at Cisco and the DOJ? They seem to be lining him up for a pretty good ass reaming as it is.

By whom? The best you could possibly hope for is a sound written thrashing by a pissed off judge. And if that doesn't work, well, the judge will have to write another letter.

  Oh, that and a few people on the Internet will get upset.

Nah (0)

Anonymous Coward | more than 3 years ago | (#37025048)

I hate cisco as much as the next IT geek, but the problem is the password sharing. This is such a problem and yet nothing has EVER been done in the last 10 years since the dotcom crash.

Here's what I think should happen...
1. No more passwords, for this to happen, shared secret systems must be EASY...
2. Shared secrets are stored in NFC devices (Phones, PDA's, Wristwatches, earrings, whatever) that all future equipment support interfacing with. These devices have a physical switch to enable the communication and when not enaged, simply don't work.
3. The physical device only acts as an authentication token, while the identity verification is done by next-generation Passports,Drivers Licenses, and Medical cards. (Eg, to get the authentication token, they go to one of the three issuing government agencies)

So in the future, passwords simply can't be "shared", when you become employed or fired from a company, they remove the shared secret from their system that is paired to your authentication token. When you want to login to gmail or your website, you just press the button on the device and hold it to the scanner.

I don't see this happening anytime soon, but the ridiculousness of passwords needs to die soon.

Re:Nah (1)

YodasEvilTwin (2014446) | more than 3 years ago | (#37025398)

You just press the button on the device and hold it to the scanner.

And the info sent by the scanner can't be intercepted? The device can't be stolen or cloned? It's just a fancy-dancy password.

Re:Nah (1)

hawguy (1600213) | more than 3 years ago | (#37025740)

You just press the button on the device and hold it to the scanner.

And the info sent by the scanner can't be intercepted? The device can't be stolen or cloned? It's just a fancy-dancy password.

It can't be intercepted if they do the protocol right - your device should sign their (unique) authentication request with your private key, then they verify the request with your public key. Someone can intercept the transaction, but they can't replay it because each authentication request is unique, they'd need your private key to impersonate you.

The device could be stolen, but would presumably be protected with a password and the user would soon notice and report it stolen so it would have a limited lifetime and would immediately arise scrutiny to see what areas the account accessed after the device was reported stolen.

Use biometrics (fingerprint, iris scan, etc) to protect the passkey stored on the NFC device, and then even if the user wants to share it with another user, he can't. (otherwise he could just give his device+password to a whoever he wants to share access with)

The device could be stolen, cloned, and seamlessly returned to the user, but this kind of attack is so difficult that it's not worth the trouble for most secrets (no one is going to creep into your house at night, steal your NFC device, clone it and return it to your house by morning just so they can download a few IOS images). Tamper resistant devices that resist cloning and reverse engineering make it even harder to do this without the user knowing that the device was compromised. They may be able to cut it open and extract your private key, but putting it back together and having it still work is harder.

Re:Nah (1)

Mephistophocles (930357) | more than 3 years ago | (#37025752)

You're out of your damn mind.

Do this and you've 1) assigned ultimate control of all passwords to the government, and 2) assigned everyone a bar code. Sounds like a great idea, Stalin.

How about this (policy at my company since we can't afford a decent auth token solution) - share your password, lose your job. Period. IT occasionally conducts "stings" (i.e., social engineering pen tests) to find out if anyone will do it, thereby keeping awareness and paranoia at a healthy high.

Otherwise, let's not get city hall involved in this, please. Auth tokens are great, but let's keep control in the hands of the organization, or at most a (private) group of central authentication companies.

I wonder (1)

drobety (2429764) | more than 3 years ago | (#37025526)

Can't he just get a restraining order from a Swiss judge against the two creeps (US, CSCO) stalking him?

Hmm... (0)

Anonymous Coward | more than 3 years ago | (#37026926)

You say: "people need to be held accountable for their risk-taking".

I say: "Yeah, like the bailout".

*cough*

Who benefits? Who will pay? (1)

nickmalthus (972450) | more than 3 years ago | (#37027336)

Who will foot the bill for the DOJ prosecution and his potential incarceration? Not the corporation Cisco since American corporations are expected to receive tax incentives from governments instead of paying any taxes to them. Certainly not the Cisco executives who are in a tax bracket of their own full of loop holes to preserve their imbalanced incomes. No, it will be the average American who will pay since they are alleged to be the main benefactor of imprisoning this individual in a case which should be at most a civil manor and not a criminal one. This is state captialism at it's worst.

The Canadian Judge destroyed the Fed's argument .. (2)

Jerry (6400) | more than 3 years ago | (#37029414)

and Cisco's as well, and revealed that the DOJ was nothing less than armed thugs working at Cisco's direction.

I saw the video of the deposition in Canada. It was in Canada because the US wouldn't let Adekeye into the US. Both the Feds and Cisco knew that Adekeye had applied for permission to enter the US and was denied, but they didn't inform the Canadian police of that, leaving them with the impression that he was a fugitive from Justice. IF he were a fugitive they could have let him in and then captured him at the boarder. But, what they really wanted to do was further soil his reputation unjustly. So, they lied to Canada about his status. While he was being questioned by attorneys at the deposition a Canadian constable, uninformed of the situation, barged in and served a warrant for his arrest, interrupting the legal proceeding, which was itself unprecedented. Attorneys for Adekeye wanted to shut off the cameras, but attorneys for Cisco wanted them to run so they was have video "proof" of Adekeye's "guilt", as if being accused is the same as being guilty.

The judges ruling was a very strongly worded condemnation of Cisco and the DOJ, accusing them of collusion in the abuse of power. But, in a country where the government now does the bidding of its corporate overlords, the Canadian ruling bears no weight. It only stands as a moral indictment of both our judicial system and the corrupt corporate environment.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>