
Meet the Hackers Who Get Rich Selling Spies Zero-Day Exploits

samzenpus posted more than 2 years ago | from the selling-to-the-man dept.


Sparrowvsrevolution writes "Forbes profiles Vupen, a French security firm that openly sells secret software exploits to spies and government agencies. Its customers pay a $100,000 annual fee simply for the privilege of paying extra fees for the exploits that Vupen's hackers develop, which the company says can penetrate every major browser, as well as other targets like iOS, Android, Adobe Reader and Microsoft Word. Those individual fees often cost much more than that six-figure subscription, and Vupen sells them non-exclusively to play its customers off each other in an espionage arms race. The company's CEO, Chaouki Bekrar, says Vupen only sells to NATO governments and 'NATO partners' but he admits 'if you sell weapons to someone, there's no way to ensure that they won't sell to another agency.'"


158 comments

Damn... (5, Funny)

cayenne8 (626475) | more than 2 years ago | (#39432353)

That's serious money...

The question is...how do "I" get into that??!?

:)

Hacking stuff, and protected by 'NATO' government paying you handsomely for the 'service'.

sweet...

Re:Damn... (-1)

Anonymous Coward | more than 2 years ago | (#39432585)

Barack Obama is a stuttering clusterfuck of a miserable failure.

Re:Damn... (1, Insightful)

Anonymous Coward | more than 2 years ago | (#39432763)

Whereas you're clearly doing great things with your life.....

Re:Damn... (-1, Offtopic)

cayenne8 (626475) | more than 2 years ago | (#39432907)

Whereas you're clearly doing great things with your life.....

Hey brother...anything for a dollar, eh?

That's what it's all about....I don't wanna do anything illegal that will put me in jail, but anything above that that earns lots of $$$....well, who wouldn't go for that?

Re:Damn... (1)

Anonymous Coward | more than 2 years ago | (#39433025)

What in God's name are you blathering about?

Re:Damn... (1)

daktari (1983452) | more than 2 years ago | (#39433523)

Whereas you're clearly doing great things with your life.....

Thanks AC. You've restored my "miserably failing" faith in the institution of AC posting by putting a smile right where it belongs: on my face!

Re:Damn... (0)

Anonymous Coward | more than 2 years ago | (#39432831)

Clearly you are following the path to what you claim ... #justsayin

Re:Damn... (4, Insightful)

lennier (44736) | more than 2 years ago | (#39432653)

The question is...how do "I" get into that??!?

1. Write any sufficiently large piece of C++ code
2. Wait
3. Get rooted by the black hats
4. Find out which trivially-detectable-if-you'd-used-a-decent-language error the black hats found in your code and sell it to NATO
5. Profit!

Re:Damn... (3, Insightful)

Anonymous Coward | more than 2 years ago | (#39432749)

Because we all know that programs written in interpreted languages never have bugs nor do their VMs or interpreters.

Re:Damn... (0)

Anonymous Coward | more than 2 years ago | (#39433285)

Why try finding exploits in programs written in interpreted languages when you can attack the interpreter directly (JVM, or any other kind of virtual machine)? And since interpreters, for performance reasons, are written in C/C++, well, you're back to square one. As the GP stated.

Re:Damn... (-1)

Anonymous Coward | more than 2 years ago | (#39433023)

C++ isn't a decent language? LOL WOW!!!!!!!

Re:Damn... (3, Insightful)

morcego (260031) | more than 2 years ago | (#39433247)

What's next ? My dog ate my boundary checking ?

Seriously, blaming the language for the coding bug is one of the lamest things I've ever heard. Bugs (exploitable or not) will be found on any sufficiently large piece of code, written in any language. Heck, there were 1 or 2 cases of bugs introduced by the compiler.

The real problem is that companies need to get the software out "fast". It is cheaper for the company to fix the code after it is released and paid for, than to keep developing out of its own pockets. It is that simple.
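The kind of error lennier and morcego are arguing about above, as an added example that is not code from the thread, from Vupen or from any product mentioned on this page: a parser for a length-prefixed field in C, first with the bounds check missing and then with it in place. The record format (one length byte followed by that many bytes of name), the NAME_MAX output size and the three sample inputs are all constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example. Record format (constructed for this illustration): one
   length byte followed by that many bytes of name. NAME_MAX is the size of
   the fixed output buffer the name is copied into. */
#define NAME_MAX 16

/* The bug morcego's "my dog ate my boundary checking" refers to: the length
   byte comes from the input and is trusted. A length above NAME_MAX - 1
   overflows `out`; a length above the bytes actually present reads past the
   end of `buf`. A bounds-checked language would turn either into an
   exception; in C both are undefined behaviour and usually memory corruption.
   Returns the name length, or -1 if the input is empty. */
int parse_record_unchecked(const uint8_t *buf, size_t buflen, char out[NAME_MAX])
{
    if (buflen < 1)
        return -1;
    size_t len = buf[0];
    memcpy(out, buf + 1, len);   /* no check of len against NAME_MAX or buflen */
    out[len] = '\0';
    return (int)len;
}

/* The same parser with the two missing checks. Returns the name length, or
   -1 and leaves `out` untouched when the name would not fit or the record
   is shorter than its length byte claims. */
int parse_record_checked(const uint8_t *buf, size_t buflen, char out[NAME_MAX])
{
    if (buflen < 1)
        return -1;
    size_t len = buf[0];
    if (len > NAME_MAX - 1)      /* must leave room for the terminating NUL */
        return -1;
    if (len > buflen - 1)        /* declared length exceeds bytes present */
        return -1;
    memcpy(out, buf + 1, len);
    out[len] = '\0';
    return (int)len;
}

/* Constructed sample inputs. */
static const uint8_t SAMPLE_GOOD[]      = { 5, 'a', 'l', 'i', 'c', 'e' };
static const uint8_t SAMPLE_OVERSIZED[] = { 0xFF, 'x' };     /* claims 255 bytes for a 16-byte buffer */
static const uint8_t SAMPLE_TRUNCATED[] = { 10, 'a', 'b' };  /* claims 10 bytes, carries 2 */

int main(void)
{
    char name[NAME_MAX];
    const uint8_t *samples[] = { SAMPLE_GOOD, SAMPLE_OVERSIZED, SAMPLE_TRUNCATED };
    size_t sizes[] = { sizeof SAMPLE_GOOD, sizeof SAMPLE_OVERSIZED, sizeof SAMPLE_TRUNCATED };

    for (size_t i = 0; i < 3; i++) {
        int n = parse_record_checked(samples[i], sizes[i], name);
        if (n < 0)
            printf("sample %zu: rejected by checked parser\n", i);
        else
            printf("sample %zu: name=\"%s\" (%d bytes)\n", i, name, n);
    }

    /* The unchecked parser is deliberately only run on the benign sample.
       Feeding it SAMPLE_OVERSIZED overruns `name` on the stack; compile with
       -fsanitize=address and try it to see the report. */
    parse_record_unchecked(SAMPLE_GOOD, sizeof SAMPLE_GOOD, name);
    printf("unchecked parser on benign input: \"%s\"\n", name);
    return 0;
}
```

The two parsers behave identically on well-formed input, which is why the missing checks survive testing: only the oversized and truncated records separate them, and in the unchecked version those are exactly the inputs a fuzzer or an attacker supplies.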

Re:Damn... (1)

Anonymous Coward | more than 2 years ago | (#39433587)

The one good thing that has come from all the hackers is the number of stupid bugs in major software has dropped precipitously!

Back in the day (when I actually programmed for living 20 years ago), I was constantly met with the 'but it works' excuse when I ran across crappy bug ridden code. Refactoring was nearly impossible as most of it was defective by design.

Re:Damn... (1)

rtb61 (674572) | more than 2 years ago | (#39433627)

'Erm', not to put too fine a point on it, but a management username and password and an external log-in are sufficient to get in on the act. Once in the world of organised crime, the simplest, most direct solutions are often the most effective.

So obtain access to and extract from, the holder of management user name and password and within the hour gain access to thousands of hours of cracking effort. You want to play you will always end up paying.

Re:Damn... (1)

mjwalshe (1680392) | more than 2 years ago | (#39432851)

Many Security services do now do open recruitment look up the appropriate website - I would imagine in France going to ENA might help.

Re:Damn... (1)

Geek70 (2503888) | more than 2 years ago | (#39433005)

Would you really want to? I would imagine that every single person working there is having every aspect of their life watched by a whole range of governments/agencies. Great place if you have no love of personal privacy!

Re:Damn... (1)

Anonymous Coward | more than 2 years ago | (#39433289)

Not wasting your time posting on retarded news websites might be a good start

hahaha (-1)

Anonymous Coward | more than 2 years ago | (#39432357)

Man this company probably loves Microsoft and their shitty security record. Microsoft alone probably nets them 200s of millions a year. Maybe Microsoft will rethink its bask on purchasing from Apple with a proven record of security? I can only imagine they have tons of exploits ready to roll for the new Windows 8 Metrosexual edition.

The war of the future (1)

baldrad (1882464) | more than 2 years ago | (#39432369)

I think it will be interesting to see how the governments of the world start to evolve around this new threat.

So basically... (5, Funny)

girlintraining (1395911) | more than 2 years ago | (#39432391)

Step 1. Paint giant bullseye on the top of your corporate office. Write "Insert bomb here," repeatedly around the edge.
Step 2. Sell digital goods that can be used by sovereign powers to wage war on each other to both sides.
Step 3. ???
Step 4. Profi--Error: Connection reset by peer

Thieves among thieves (5, Insightful)

hjf (703092) | more than 2 years ago | (#39432417)

Oh, they only sell to NATO, right? You know, you can TRY to lie to us, but in the end, lying to the CIA is the same as lying to yourself. They know you sell to Iran, China, and every other regime out there.

You're in a shady enough business not to sell to the best offer.

Re:Thieves among thieves (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39432609)

Even if they do only sell to NATO, NATO governments haven't exactly had a stellar history of respecting human rights in the past decade.

Re:Thieves among thieves (2)

elucido (870205) | more than 2 years ago | (#39433413)

Even if they do only sell to NATO, NATO governments haven't exactly had a stellar history of respecting human rights in the past decade.

What government respects human rights?

If they don't sell their exploit to NATO who should they sell them to? The FBI?

Re:Thieves among thieves (0)

Anonymous Coward | more than 2 years ago | (#39433745)

What government respects human rights?

If they don't sell their exploit to NATO who should they sell them to? The FBI?

The FBI is part of NATO - it is an organization owned by the US government - which is part of NATO. The FBI is not an "alternative". North Korea, China, Al Qaeda and organized crime are all "alternatives" to NATO though. The only ones to purchase such stuff are criminals and governments with enemies...

Re:Thieves among thieves (1)

WalkingBear (555474) | more than 2 years ago | (#39433411)

Of course they sell to Iran, China, et al.. And the CIA and MI5 *help* them with the code they write, especially the code they sell to others. Backdoors in the backdoors.

Re:Thieves among thieves (0)

Anonymous Coward | more than 2 years ago | (#39433437)

...lying to the CIA is the same as lying to yourself.

Obligatory Soviet Russia reply:

In Corporate States of America, CIA lies to YOU.

Kind of shady? (5, Insightful)

K. S. Kyosuke (729550) | more than 2 years ago | (#39432421)

I mean, aren't there laws against doing things like hacking into computers you don't own? Isn't this aiding in a crime? The last time I checked, even government agencies were obliged not to break laws.

Re:Kind of shady? (0)

Anonymous Coward | more than 2 years ago | (#39432475)

Spies act outside of legality. You think it was legal for French agents to place bombs inside the Rainbow Warrior in New Zealand? Sinking the ship and killing a photographer in the process?

Governments decide what is legal and what is not.
And if they want to do something they'll classify it as legal and all else be damned and you'll be none the wiser.

Re:Kind of shady? (1)

Anonymous Coward | more than 2 years ago | (#39432555)

Spies act outside of legality. You think it was legal for French agents to place bombs inside the Rainbow Warrior in New Zealand?

Sure it was! It was a warrior right? That means it was a warship!

If you don't agree with this, the hippies... Er.... I mean... terrorists win!

Re:Kind of shady? (3, Informative)

Sir_Sri (199544) | more than 2 years ago | (#39432863)

Espionage agencies are lawfully chartered. The activities they undertake in other countries are usually illegal in those countries, but so what, you do it to us, we do it to you, when you catch one of ours, we catch one of yours, trade, and back to business.

In the case of the French bombing a ship in New Zealand, that was illegal, even though New Zealand would be a "NATO Partner" in the parlance of TFA. Two of the agents were caught, and charged.

Of course had they got back to France (like the rest of the team) likely nothing would have happened to them, although with a more valuable ally like the UK that may not hold true. Countries act in their own interests, and if they're smart they are under no illusion about having any friends.

The reason people still remember the Rainbow Warrior incident is because it was a major scandal in France, and might not even have been legal in France. Depends on the agreements they had with New Zealand.

Re:Kind of shady? (1)

elucido (870205) | more than 2 years ago | (#39433551)

Espionage agencies are lawfully chartered. The activities they undertake in other countries are usually illegal in those countries, but so what, you do it to us, we do it to you, when you catch one of ours, we catch one of yours, trade, and back to business.

In the case of the French bombing a ship in New Zealand, that was illegal, even though New Zealand would be a "NATO Partner" in the parlance of TFA. Two of the agents were caught, and charged.

Of course had they got back to France (like the rest of the team) likely nothing would have happened to them, although with a more valuable ally like the UK that may not hold true. Countries act in their own interests, and if they're smart they are under no illusion about having any friends.

The reason people still remember the Rainbow Warrior incident is because it was a major scandal in France, and might not even have been legal in France. Depends on the agreements they had with New Zealand.

You're forgetting that spies don't get "traded"; officers get traded back and forth, and only the officers with official cover. Officers are spy handlers; the spies are the people who, if caught, get killed.

Re:Kind of shady? (1)

K. S. Kyosuke (729550) | more than 2 years ago | (#39432879)

That's possible, but I would think it is one thing for a spy agency to do something shady covertly (obviously, that happens), and another thing for private company to openly sell stuff like this, regardless of who is the buyer. That almost feels like Israel admitting that they have nukes.

Re:Kind of shady? (0)

Lobachevsky (465666) | more than 2 years ago | (#39432537)

There are also laws against doing things like shooting an unarmed person in the head, aka assassination, but if a soldier hears his superior yell "fire", he shoots, no questions asked. In theory, the govt. abides by its own laws, in practice, 'national security' trumps all laws, and even the courts have agreed, allowing the govt. to withhold evidence on the basis of national security. Govt: "He's guilty!" Judge: "why?" Govt: "We'd like to tell you why, but that harms national security." Judge: "oh, okay, he's guilty."

Re:Kind of shady? (5, Insightful)

Real_Reddox (1010195) | more than 2 years ago | (#39432635)

if a soldier hears his superior yell "fire", he shoots, no questions asked.

As a soldier, I can only note your lack of insight in how the military works.

Re:Kind of shady? (-1, Troll)

peragrin (659227) | more than 2 years ago | (#39432709)

As a soldier you're not smart enough to know that not every country obeys the same laws or has the same military traditions. The USA is noted for giving its military field commanders more power to change orders in order to achieve the objective.

Re:Kind of shady? (4, Informative)

meerling (1487879) | more than 2 years ago | (#39432895)

The military has very strict rules, and you are only required to follow lawful orders. In fact, if you are given an unlawful order, you are, by military law, required to refuse to follow it and report it to the appropriate military authority. Nobody is protected by "I was just following orders" for performing an unlawful action.
At least with regards to the US Military. I don't know about other countries.

you are only required to follow lawful orders (4, Insightful)

rabenja (919226) | more than 2 years ago | (#39433373)

This is true, but "report[ing] it to the appropriate military authority" will nearly always land the reporting person in deep doo doo. I know that from experience. A junior person's word against the CO and the system that is designed to protect the CO.

Re:Kind of shady? (1)

Opportunist (166417) | more than 2 years ago | (#39433389)

Possible, but what protects me from the bullet in the officer's gun?

Re:Kind of shady? (1)

Anonymous Coward | more than 2 years ago | (#39433847)

Possible, but what protects me from the bullet in the officer's gun?

The bullet in your gun.

I am always amazed at people who claim the military forced them to do whatever they now face war crimes death penalty for. Sheesh! In such a situation, don't succumb to the pressure. Just fire on the commanders, for a man with a weapon cannot really be forced.

Of course, there is the risk of being killed for mutiny (unless the rest feel the same way). But if it is a death penalty either way, do what is right. It will make a difference.

Re:Kind of shady? (3, Insightful)

Opportunist (166417) | more than 2 years ago | (#39434007)

If you go by logic, committing the war crime is the logical conclusion.

Imagine you're ordered to shoot civilians, or having the option to get shot by your superior. What are your options?
1. Refusing. You're dead.
2. Shooting your superior. Chances for a trial: Almost certain. Chances for a conviction: Rather high.
3. Shooting the civilian. Chances for a trial: Almost zero, as long as every witness is an accomplice. Chances for conviction: Close to zero unless a reporter somehow finds out about it.

Re:Kind of shady? (4, Informative)

tnk1 (899206) | more than 2 years ago | (#39434303)

Summary executions by officers for anything are of extremely doubtful legality today, at least in the US. If an officer simply executed you for some cause and expected that to hold, he would face a guaranteed court-martial. If he tried to pretend that he merely apprehended you and you "escaped", there would still be an investigation at the very least. Unless the whole unit was on the side of the officer, it is unlikely that an officer would get away with it.

As far as "friendly fire" incidents... those are always possible, but the shooter could still get found out.

In short, if you turned the officer in for an offense that they might get execution, or life, or 20 years for, you may want to watch your back. Otherwise, no one is going to shoot you unless they are also unbalanced. In which case, you're pretty fucked anyway.

That said, while it is actually required to refuse an unlawful order, you will still likely have to prove that at court-martial. So, you might well simply obey the officer ordering you to do something technically illegal, but petty. But, if he wants you to start shooting people, I'd suggest taking the court-martial.

Works in theory (0)

Anonymous Coward | more than 2 years ago | (#39433493)

In practice, when on the field, your commanding officer can kill you on the spot for refusing to follow orders (legal or otherwise). Of course, he will have to answer for doing so, but he can make up any accusation he wants since, you know, dead men tell no tales.

Re:Kind of shady? (1)

Hatta (162192) | more than 2 years ago | (#39433667)

In fact, if you are given an unlawful order, you are, by military law, required to refuse to follow it and report it to the appropriate military authority.

What do you think actually happens when one does that?

Re:Kind of shady? (0)

Anonymous Coward | more than 2 years ago | (#39434077)

The Nuremberg trials are what caused this rule. It is accepted by most international courts. The theory that being ordered removes your liability is false. It is the same with health and safety laws.

Re:Kind of shady? (0)

Anonymous Coward | more than 2 years ago | (#39434225)

Exactly, which is why the government (or military) hires contractors for things it cannot do but private citizens can. For instance, the government cannot monitor government employees' internet usage, but they can hire a firm to enforce their internet policy for them.

Re:Kind of shady? (0)

Anonymous Coward | more than 2 years ago | (#39432921)

At least he was smart enough to know how to use the word "your".

Re:Kind of shady? (2)

Iniamyen (2440798) | more than 2 years ago | (#39432549)

The laws only apply if you are hacking into computers you don't own in order to download The Hurt Locker.

Re:Kind of shady? (4, Insightful)

PPH (736903) | more than 2 years ago | (#39432613)

even government agencies were obliged not to break laws.

Unless we're at war.

We're always at war.

Re:Kind of shady? (1)

NIN1385 (760712) | more than 2 years ago | (#39433375)

Mod up please.

This is the problem with the "war on terror". There is no end, the US government will never be able to declare a victory over this enemy. This plays right into their grand scheme of things, they have a free pass to do whatever they want anywhere in the world and the perfect terrorist attack to justify it.

This is why you will never see a real investigation into the events of September 11th, if there were ever any highly publicized cracks in the story of what happened that day it would bring down the entire house of cards.

Re:Kind of shady? (1)

Anonymous Coward | more than 2 years ago | (#39432783)

Who said anything about hacking into someone else's computer? Discovering exploits is not a crime.

Re:Kind of shady? (2)

theonesandtwos (1349467) | more than 2 years ago | (#39432823)

Just to play devil's advocate, they're selling exploits. You need not hack machines that do not belong to you to develop exploits.
Are they not in some sense selling knowledge? Since when is that illegal? (State secrets and whatnot aside.)

I don't agree with it, but I'm just saying.

Re:Kind of shady? (1)

betterunixthanunix (980855) | more than 2 years ago | (#39432917)

It is also a crime to wiretap someone, but the police do it all the time. Judges can grant warrants to allow law enforcement agencies to do otherwise illegal things.

Re:Kind of shady? (1)

elucido (870205) | more than 2 years ago | (#39433431)

I mean, aren't there laws against doing things like hacking into computers you don't own? Isn't this aiding in a crime? The last time I checked, even government agencies were obliged not to break laws.

Government agencies don't believe in any laws besides the law of might. If they want to do it they do it just as long as they have the force to get away with it.

Re:Kind of shady? (2)

HungryMonkey (1887382) | more than 2 years ago | (#39433689)

I mean, aren't there laws against doing things like hacking into computers you don't own? Isn't this aiding in a crime? The last time I checked, even government agencies were obliged not to break laws.

You've got it all wrong. I'm sure they hack into their own computers, nothing illegal there. Then they sell the knowledge of these exploits to their customers in order to protect them from these weaknesses. Now, if someone in one of those agencies "goes against policy" and uses these exploits against someone else, how is it their fault?

It's not illegal... (0, Redundant)

nitehawk214 (222219) | more than 2 years ago | (#39432447)

... if the government (or a private firm working for the government) does it.

Please remember this the next time a cop kicks you in the face.

Exploit to exploit (5, Insightful)

WinstonWolfIT (1550079) | more than 2 years ago | (#39432459)

Wow. That puts huge incentive on planting moles in projects with wide distribution simply for the aim of writing exploitable code.

Re:Exploit to exploit (1)

elucido (870205) | more than 2 years ago | (#39433453)

Wow. That puts huge incentive on planting moles in projects with wide distribution simply for the aim of writing exploitable code.

Agencies probably already do that to save money having to pay these guys.

The true faith of an armorer (4, Insightful)

Animats (122034) | more than 2 years ago | (#39432461)

"To give arms to all men who offer an honest price for them, without respect of persons or principles: to aristocrat and republican, to Nihilist and Tsar, to Capitalist and Socialist, to Protestant and Catholic, to burglar and policeman, to black man white man and yellow man, to all sorts and conditions, all nationalities, all faiths, all follies, all causes and all crimes." - Undershaft

Re:The true faith of an armorer (3, Informative)

forand (530402) | more than 2 years ago | (#39433317)

Anyone wondering where this is from: it is from the play Major Barbara by George Bernard Shaw. You can find the full script on Gutenberg [gutenberg.org].

Spook BackDoors In Cisco Routers (0, Informative)

Anonymous Coward | more than 2 years ago | (#39432545)

Spook BackDoors In Cisco Routers
- Older news, but still relevant!! Please save this story and repost it everywhere, especially in security discussion forum sites.
- You should use OpenBSD or a hardened Linux distro for a router, NOT these black boxes offered with proprietary hardware & firmware!

http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html [forbes.com]

"Special Report
Cisco's Backdoor For Hackers
Andy Greenberg, 02.03.10, 01:45 PM EST
The methods networking companies use to let the Feds watch suspects also expose the rest of us.

ARLINGTON, Va. -- Activists have long grumbled about the privacy implications of the legal "backdoors" that networking companies like Cisco build into their equipment--functions that let law enforcement quietly track the Internet activities of criminal suspects. Now an IBM researcher has revealed a more serious problem with those backdoors: They don't have particularly strong locks, and consumers are at risk.

In a presentation at the Black Hat security conference Wednesday, IBM ( IBM - news - people ) Internet Security Systems researcher Tom Cross unveiled research on how easily the "lawful intercept" function in Cisco's ( CSCO - news - people ) IOS operating system can be exploited by cybercriminals or cyberspies to pull data out of the routers belonging to an Internet service provider (ISP) and watch innocent victims' online behavior.

But the result, Cross says, is that any credentialed employee can implement the intercept to watch users, and the ISP has no method of tracking those privacy violations. "An insider who knows the password can use it without an audit trail and send the data to anywhere on the Internet," Cross says.

Cross told Cisco about his findings in December 2008, but with the exception of the patch Cisco released following the revelation of its router bug in 2008, the security flaws he discussed haven't been fixed. In an interview following Cross' talk, Cisco spokeswoman Jennifer Greeson said that the company is "confident in its framework." "We recognize that security is complicated," she said. "We're looking at [Cross'] findings and we'll take them into account."

Cisco isn't actually the primary target of Cross' critique. He points out that all networking companies are legally required to build lawful intercepts into their equipment.


ARLINGTON, Va. -- Cisco, in fact, is the only networking company that follows the recommendations of the Internet Engineering Task Force standards body and makes its lawful intercept architecture public, exposing it to peer review and security scrutiny. The other companies keep theirs in the dark, and they likely suffer from the same security flaws or worse. "Cisco did the right thing by publishing this," says Cross. "Although I found some weaknesses, at least we know what they are and how to mitigate them."

The exploitation of lawful intercept is more than theoretical. Security and privacy guru Bruce Schneier wrote last month that the Google ( GOOG - news - people ) hackings in China were enabled by Google's procedures for sharing information with U.S. law enforcement officials. And in 2004 and 2005, a group of hackers used intercept vulnerabilities in Ericsson ( ERIC - news - people ) network switches to spy on a wide range of political targets including the cellphone of Greece's prime minister.

All of that, argues IBM's Cross, means that Internet-related companies need to be more transparent about their lawful intercept procedures or risk exposing all of their users. "There are a lot of other technology companies out there that haven't published their architecture, so they can't be audited," he said in his Black Hat talk. "We can't be sure of their security as a result."

- http://search.forbes.com/search/colArchiveSearch?author=andy+and+greenberg&aname=Andy+Greenberg [forbes.com]

(C) forbes.com

Lest we forget Part 1:

https://www.networkworld.com/community/node/57070 [networkworld.com]

"Cisco backdoor still open
IBM researcher at Black Hat says opening for Feds exposes us
By Jim Duffy on Wed, 02/03/10 - 5:33pm.

The "backdoors" that Cisco and other networking companies implement in their routers and switches for lawful intercept are front and center again at this week's Black Hat security conference. A few years ago, they were cause celebre in some VoIP wiretapping arguments and court rulings.

This time, an IBM researcher told Black Hat conference attendees that these openings can still expose information about us to hackers and allow them to "watch" our Internet activity. Backdoors are implemented in routers and switches so law enforcement officials can track the Internet communications and activity of an individual or individuals under surveillance. They are required by law to be incorporated in devices manufactured by networking companies and sold to ISPs.

In this report from Forbes, IBM Internet Security Systems researcher Tom Cross demonstrated how easily the backdoor in Cisco IOS can be exploited by hackers. When they gain access to a Cisco router, they are not blocked after multiple failed access attempts nor is an alert sent to an administrator. Any data collected through the backdoor can be sent to anywhere -- not just merely to an authorized user, Forbes reports.

What's more, an ISP is not able to perform an audit trail on whoever tried to gain access to a router through the backdoor - that nuance was intended to keep ISP employees from detecting the intercept and inadvertently tipping off the individual under surveillance. But according to IBM's Cross, any authorized employee can use it for unauthorized surveillance of users and those privacy violations cannot be tracked by the ISP.

Cisco said it is aware of Cross's assertions and is taking them under consideration. To Cisco's credit, it is the only networking company that makes its lawful intercept architecture public, according to the recommendations of the IETF, the Forbes story states. Other companies do not, which means they may be susceptible to the same security flaws, or worse."

Lest we forget Part 2:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040407-username [cisco.com]

"Cisco Security Advisory
A Default Username and Password in WLSE and HSE Devices
Advisory ID: cisco-sa-20040407-username
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040407-username [cisco.com]
Revision 1.4
For Public Release 2004 April 7 16:00 UTC (GMT)
Contents

        Summary
        Affected Products
        Details
        Vulnerability Scoring Details
        Impact
        Software Versions and Fixes
        Workarounds
        Obtaining Fixed Software
        Exploitation and Public Announcements
        Status of This Notice: Final
        Distribution
        Revision History
        Cisco Security Procedures

Summary

A default username/password pair is present in all releases of the Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) software. A user who logs in using this username has complete control of the device. This username cannot be disabled. There is no workaround.

This advisory is available at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040407-username [cisco.com] .

Affected Products

This section provides details on affected products.
Vulnerable Products

These products are vulnerable:

        The affected software releases for WLSE are 2.0, 2.0.2 and 2.5.
        The affected software releases for HSE are 1.7, 1.7.1, 1.7.2 and 1.7.3.

Products Confirmed Not Vulnerable

No other Cisco products are currently known to be affected by these vulnerabilities.

Details

A hardcoded username and password pair is present in all software releases for all models of WLSE and HSE devices.

This vulnerability is documented in the Cisco Bug Toolkit as Bug ID CSCsa11583 ( registered customers only) for the WLSE and CSCsa11584 ( registered customers only) for the HSE.

CiscoWorks WLSE provides centralized management for the Cisco Wireless LAN infrastructure. It unifies the other components in the solution and actively employs them to provide continual "Air/RF" monitoring, network security, and optimization. The CiscoWorks WLSE also assists network managers by automating and simplifying mass configuration deployment, fault monitoring and alerting.

Cisco Hosting Solution Engine is a hardware-based solution to monitor and activate a variety of e-business services in Cisco powered data centers. It provides fault and performance information about the Layer 2-3 hosting infrastructure and Layer 4-7 hosted services.

Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html [cisco.com] .

Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss [cisco.com] .

Impact

Any user who logs in using this username has complete control of the device. One can add new users or modify details of the existing users, and change the device's configuration. Here are some more concrete examples of possible actions:

        For WLSE this means that an adversary can hide the presence of a rogue Access Point or change the Radio Frequency plan, potentially causing system-wide outages. The first action may cause long term loss of information confidentiality and integrity. The second action can yield Denial-of-Service (DOS).
        For HSE this may lead up to illegal re-directing of a Web site with the ultimate loss of revenue.
        In both cases the device itself may be used as a launching platform for further attacks. Such attacks could be directed at your organization, or towards a third party.

Software Versions and Fixes

When considering software upgrades, also consult http://www.cisco.com/go/psirt [cisco.com] and any subsequent advisories to determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center ("TAC") or your contracted maintenance provider for assistance.

For WLSE, users need to install the WLSE-2.x-CSCsa11583-K9.zip patch. The patch can be downloaded from http://www.cisco.com/pcgi-bin/tablebuild.pl/wlan-sol-eng [cisco.com] (registered customers only). Installation instructions are included in the accompanying README file, WLSE-2.x-CSCsa11583-K9.readmeV3.txt, in that same download directory. This patch is applicable to WLSE 1105 and 1130 software releases 2.0, 2.0.2 and 2.5.

For HSE, users need to install the HSE-1.7.x-CSCsa11584.zip patch. The patch can be downloaded from http://www.cisco.com/pcgi-bin/tablebuild.pl/1105-host-sol [cisco.com] (registered customers only). Installation instructions are included in the accompanying README file, HSE-1.7.x-CSCsa11584.readme.txt, in that same download directory. This patch is applicable to HSE 1105 for versions 1.7, 1.7.1, 1.7.2, and 1.7.3.
Workarounds

There is no workaround.

Obtaining Fixed Software

Cisco has made free software available to address this vulnerability for affected customers. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.

Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/public/sw-license-agreement.html [cisco.com] , or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml [cisco.com] .

Do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades.

Customers with Service Contracts

Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com./ [www.cisco.com]
Customers Using Third-Party Support Organizations

Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.

The effectiveness of any workaround or fix is dependent on specific customer situations such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.
Customers Without Service Contracts

Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.

        +1 800 553 2447 (toll free from within North America)
        +1 408 526 7209 (toll call from anywhere in the world)
        e-mail: tac@cisco.com

Have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.

Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml [cisco.com] for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages.
Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.

Status of This Notice: Final

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

Distribution

This advisory will be posted on Cisco's worldwide website at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040407-username [cisco.com] .

In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.

        cust-security-announce@cisco.com
        bugtraq@securityfocus.com
        first-teams@first.org (includes CERT/CC)
        cisco@spot.colorado.edu
        comp.dcom.sys.cisco
        firewalls@lists.gnac.com

Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.

Revision History

Revision 1.4

2004-April-12

Fixed URL for Cisco.com Downloads under Obtaining Fixed Software section.

Revision 1.3

2004-April-08

Updated Software Versions and Fixes section.

Revision 1.2

2004-April-08

Updated to include WLSE 1105 in Software Versions and Fixes section.

Revision 1.1

2004-April-07

Correction in the Obtaining Fixed Software section.

Revision 1.0

2004-April-07

Initial public release.

Cisco Security Procedures

Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html [cisco.com] . This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt [cisco.com] ."

http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html?feed=rss_technology_security [forbes.com]

violation of the DMCA? (1, Redundant)

cjonslashdot (904508) | more than 2 years ago | (#39432639)

Isn't this a violation of the DMCA?

Re:violation of the DMCA? (1)

Desler (1608317) | more than 2 years ago | (#39432789)

They're a French company...

Re:violation of the DMCA? (2)

cjonslashdot (904508) | more than 2 years ago | (#39432925)

Still, if the US can extradite Vladimir Zdorovenin and Gary McKinnon (let alone, Julian Assange) for their purported violation of US laws while outside the US, then the US should be able to extradite the execs of this company. Right?

Re:violation of the DMCA? (1)

geoffaus (623283) | more than 2 years ago | (#39433349)

Or if they ever step on US soil. This happened to an exec - can't remember who, but he wasn't on good terms with the US; then on a flight to Canada his plane got diverted to NYC and they got him.

I hope their physical security is top notch (2, Insightful)

swb (14022) | more than 2 years ago | (#39432641)

And not just for their offices, but for their homes and the homes, schools and offices of their families, friends and anyone else they might care about.

It strikes me that these are people you don't want to try to play around with and that some might try to influence you to give a better deal to their side than another side, perhaps using things like pictures of your kids walking to school or your wife gardening.

Yeah but that's where the money is. (1)

elucido (870205) | more than 2 years ago | (#39433253)

And not just for their offices, but for their homes and the homes, schools and offices of their families, friends and anyone else they might care about.

It strikes me that these are people you don't want to try to play around with and that some might try to influence you to give a better deal to their side than another side, perhaps using things like pictures of your kids walking to school or your wife gardening.

There is no easy way for hackers to make money. You'll have to sell to the spies or you don't make money at all because the spies are the ones with the money to pay for security researchers.

As far as them trying to influence for a better deal or exclusive deal this much is obvious.

Re:I hope their physical security is top notch (1)

Anonymous Coward | more than 2 years ago | (#39433555)

Why is this modded redundant? I am in ITSec yet am valued more for my knowledge about physical security and its deep implications. Go ahead, go take a look at a light primer: Locks, Safes, and Security by Marc Weber Tobias; then come back and say it is redundant.

Re:I hope their physical security is top notch (2)

elucido (870205) | more than 2 years ago | (#39433581)

Why is this modded redundant? I am in ITSec yet am valued more for my knowledge about physical security and its deep implications. Go ahead, go take a look at a light primer: Locks, Safes, and Security by Marc Weber Tobias; then come back and say it is redundant.

But if you know about physical security then you know in most workplaces it barely exists. You've got to secure the entire electromagnetic spectrum, worry about biological attacks, chemical attacks, psychological, and social engineering attacks on top of the technical exploits, lock picking, etc.

These individuals in this company wouldn't be in the business they are in if they didn't have physical security of some sort. They have as little physical security as everyone else has, but perhaps they are aware of the fact that they aren't completely safe.

But you're right, if they aren't locked down like a fort someone will steal their exploits and then sell them to their clients.

From the desk of Zorg (1)

Anonymous Coward | more than 2 years ago | (#39432683)

"'if you sell weapons to someone, there's no way to ensure that they won't sell to another agency.'"

Or worse!

Zorg: I hate warriors, too narrow-minded. I'll tell you what I do like though: a killer, a dyed-in-the-wool killer. Cold blooded, clean, methodical and thorough. Now a real killer, when he picked up the ZF-1, would've immediately asked about the little red button on the bottom of the gun.

[Scene shifts to Aknot, who is staring in confusion at the little red button. He shrugs and pushes it]

Zorg: [Casually smokes a cigarette as the room with the Mangalores blows up] Bring me the priest.

But my orgies! (1)

Cazekiel (1417893) | more than 2 years ago | (#39432705)

the company says can penetrate every major browser, as well as other targets like iOS, Android, Adobe Reader and Microsoft Word.

NUUU not my slash!fic!! No touching my pr0n!

Oh wait, Microsoft Word required my first-born for payment, so I downloaded OpenOffice. Not on the list, MY PR0N IS SAFE.

Previously, on Slashdot... (0)

Anonymous Coward | more than 2 years ago | (#39432887)

More on Cisco Building Surveillance into Routers

- http://yro.slashdot.org/story/03/04/22/1656215/More-on-Cisco-Building-Surveillance-into-Routers [slashdot.org]

"The company recently published a proposal that describes how it plans to embed 'lawful interception' capability into its products. Among the highlights: Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form." See our earlier story and the RFC for background."

Cisco Support for Lawful Intercept In IP Networks

- http://yro.slashdot.org/story/03/04/17/0024235/cisco-support-for-lawful-intercept-in-ip-networks [slashdot.org]

"Scary stuff for the privacy advocates out there. Your Internet telephone conversations may soon be tapped by the government. Anyone else concerned about these intercepts being hacked?"

whom are they using these exploits against? (1)

NarcoTraficante (512390) | more than 2 years ago | (#39432891)

As long as the government agencies don't use them within their own territories against their own citizens then it's fine.

TekWars REDUX (0)

Anonymous Coward | more than 2 years ago | (#39432955)

Now add some nanobots and highly bio-engineered drugs and we can have our own real-life TekWars :P

Now I wonder if old Willy Shatner would scream copyright infringement!

Let the TEKLords make the world go round :) one exploit at a time!

Perspective:Inside Cisco's eavesdropping apparatus (1)

Anonymous Coward | more than 2 years ago | (#39433135)

Perspective: Inside Cisco's eavesdropping apparatus

By Declan McCullagh | April 21, 2003 4:00 AM PDT
- http://news.cnet.com/2010-1071-997528.html?tag=fd_nc_1 [cnet.com]

"Cisco Systems has created a more efficient and targeted way for police and intelligence agencies to eavesdrop on people whose Internet service provider uses their company's routers.

The company recently published a proposal that describes how it plans to embed "lawful interception" capability into its products. Among the highlights: Eavesdropping "must be undetectable," and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form.

Cisco's decision to begin offering "lawful interception" capability as an option to its customers could turn out to be either good or bad news for privacy.

Because Cisco's routers currently aren't designed to target an individual, it's easy for an Internet service provider (ISP) to comply with a police request today by turning over all the traffic that flows through a router or switch. Cisco's "lawful interception" capability thus might help limit the amount of data that gets scooped up in the process.

On the other hand, the argument that it hinders privacy goes like this: By making wiretapping more efficient, Cisco will permit governments in other countries--where court oversight of police eavesdropping is even more limited than in the United States--snoop on far more communications than they could have otherwise.

Marc Rotenberg, head of the Electronic Privacy Information Center, says: "I don't see why the technical community should hardwire surveillance standards and not also hardwire accountability standards like audit logs and public reporting. The laws that permit 'lawful interception' typically incorporate both components--the (interception) authority and the means of oversight--but the (Cisco) implementation seems to have only the surveillance component. That is no guarantee that the authority will be used in a 'lawful' manner."

U.S. history provides many examples of government and police agencies conducting illegal wiretaps. The FBI unlawfully spied on Eleanor Roosevelt, Martin Luther King Jr., feminists, gay rights leaders and Catholic priests. During its dark days, the bureau used secret files and hidden microphones to blackmail the Kennedy brothers, sway the Supreme Court and influence presidential elections. Cisco's Internet draft may be titled "lawful interception," but there's no guarantee that the capability will always be used legally.

Still, if you don't like Cisco's decision, remember that they're not the ones doing the snooping. Cisco is responding to its customers' requests, and if they don't, other hardware vendors will.

If you're looking for someone to blame, consider Attorney General John Ashcroft, who asked for and received sweeping surveillance powers in the USA Patriot Act, along with your elected representatives in Congress, who gave those powers to him with virtually no debate.

I talked with Fred Baker, a Cisco fellow and former chairman of the Internet Engineering Task Force (IETF), about his work on the "lawful interception" draft.

Q: Why did Cisco decide to build "lawful interception" into its products? What prompted this?
A: Cisco's customers, not just in United States but in many countries, are finding themselves served with subpoenas to mandate lawful intercept functionality. Cisco received requests from its customers for this capability.

When I found out about the project, I asked to be involved because I wanted to ensure that it was done in a manner that was as close to balanced as I could get. From an engineering perspective, the easiest thing is to give everything to law enforcement and let them sort it out. But I wanted to do better than that.

When was that?
The actual development of this document started probably seven to eight months ago.

What was the reaction of the Internet community and the IETF after you released the draft?
I've seen very little reaction so far. We have been contacted by Verisign, with which we had an NDA relationship. They said, "We'd like to work with you on this." That's about all we've had. John Gilmore (of the Electronic Frontier Foundation) posted comments to an IETF mailing list. He wanted to ensure that the capability would be as difficult to use as possible.

When will Cisco's customers be able to buy "lawful interception" products or an upgrade?
We haven't yet announced anything. Any product that a service provider is likely to purchase will have an option to provide lawful interception. That's not for all of our products but for a fairly broad subset.

We're in the process of doing early field trials on that capability. In most cases it's a software upgrade. What we're doing is putting the capability in a separate image so you know what you're getting when you get it. Under U.S. law, if you have that ability, you could be required to use it. Our service provider customers have asked us not to put it in the standard image, so that they can't be forced to use it.

How much will it cost?
We haven't announced that. There was some discussion at some point about putting in a nuisance fee.

What percentage of your customers who have asked for "lawful interception" capability are within the United States?
We have service provider customers in a number of countries that have asked us for it. Some have been more insistent than others.

Do you have any moral problems with helping to make surveillance technology more efficient?
I have some moral and ethical issues, but I think quite frankly that the place to argue this is in Congress and in the courtroom, not a service provider's machine room when he's staring down the barrel of a subpoena.

There are two sides. One is that Cisco as a company needs to let its customers abide by the law. The other is the moral and ethical issues. There are two very separate questions.

The current draft does not include an audit trail. Could you do that by having your equipment digitally sign a file that says who's been intercepted and for how long? That could be turned over to a judge. It could indicate whether the cops were or weren't staying within the bounds of the law.
I'm not entirely sure that the machine we're looking at could make that assurance... In fact, the way lawful interception works, a warrant comes out saying, "We want to look at a person." That's the way it works in Europe, the United States, Australia and in other western countries. The quest then becomes figuring out which equipment a person is reasonably likely to use, and it becomes law enforcement's responsibility to discard any information that's irrelevant to the warrant. That kind of a thing would probably be maintained on the mediation device.

Who controls the mediation device?
The Internet provider. The mediation device picks out the subset that relates to a particular warrant.

A few years ago (in RFC 2804) the IETF rejected the idea of building eavesdropping capability into Internet protocols. The FBI supported the idea, but the IETF said, no way. You were chair of the IETF at the time. How do you reconcile your proposal with the decision made then?
I thought that what the IETF decided to do was actually the right thing to decide. What it said is that the IETF would not modify protocols that were designed for some other purpose in order to support lawful interception.

Will you discuss this at the next IETF meeting in Austria in July?
We're hoping for community review. If people see any problems with what we're doing on a technical level, we're all ears. We want to produce the best possible capability in terms of security and the capability required.

Have you had requests for this capability, directly or indirectly, from government agencies?
Yes and no. We got the request from our customers. The laws relate to the ISPs, which are our customers. Certainly, if we get a request from our customers that we can't support, there are penalties that accrue.

We've had direct contact with the FBI and other agencies. When I was in Holland I (spoke at a conference with the head of the equivalent of the country's Central Intelligence Agency). The fact that he came out and said something made the 8 o'clock news. I had a meeting with him and some of his people a few days later to figure out what he wanted and what he intended to do with this. As an engineer I wanted to understand a customer's problem.

We've had discussions with government agencies, but (they're generally not) asking us to build a product. They do that with ISPs, who then come to us.

What other companies are going a similar route?
We're a little bit more open than everyone else. It really wouldn't be appropriate for me to talk about other companies. It's not like we're coming out and saying, "Hey, this is the reason you should buy a Cisco router." This is something we're doing because our customers want it.

What do you think of governments with scant respect for privacy rights using "lawful interception" technology to become more efficient eavesdroppers? Do you ever stay up late at night worrying about what they might do with it?
Of course I do. But that problem is the reason I got involved. We have some capabilities in some of our equipment that will allow you to take all the traffic that goes across an interface and send it to another interface. Right now that is used in some cases as a lawful interception technology.

When we first started talking, some engineers said, "Let's turn this on and use that." I said, "Heavens no, if we can narrow the range of information, let's do it." Let's let our customers meet their requirements in as privacy-protecting a way as possible. So yes, there's a conflict, but the conflict is why I got involved."

"Biography
Declan McCullagh is CNET News.com's chief political correspondent. He spent more than a decade in Washington, D.C., chronicling the busy intersection between technology and politics. Previously, he was the Washington bureau chief for Wired News, and a reporter for Time.com, Time magazine and HotWired. McCullagh has taught journalism at American University and been an adjunct professor at Case Western University."

© 2012 CBS Interactive

- http://news.cnet.com/Perspective-Ashcrofts-worrisome-spy-plans/2010-1071_3-983921.html [cnet.com]
- http://www.epic.org/ [epic.org]
- http://newsroom.cisco.com/dlls/innovators/Core_IP/Fred_Baker.html [cisco.com]
- http://www.ietf.org/ [ietf.org]
- http://www.faqs.org/rfcs/rfc2804.html [faqs.org]
- declan.mccullagh@cnet.com
- http://www.mccullagh.org/ [mccullagh.org]
- http://news.cnet.com/2016-1071_3-0.html [cnet.com]

Can't Help But Wonder... (1)

Zamphatta (1760346) | more than 2 years ago | (#39433159)

Might Vupen have been the ones that discovered the exploits used by Duqu & Stuxnet? If they were, then they might know who created Duqu & Stux.

$100,000 is not rich. (1)

elucido (870205) | more than 2 years ago | (#39433215)

I admit it's good enough for one security researcher, or maybe 1.5, but it's not rich.

If we are talking about millions of dollars then we are talking rich.

Re:$100,000 is not rich. (1)

Opportunist (166417) | more than 2 years ago | (#39433305)

100k per customer. Multiply by x, with x being everyone and anyone willing and able to join the cyber arms race.

Plus, those 100k are the admission ticket, not the ride fee. Actually getting informed about an exploit and how it works costs extra, and then you WISH it was just 100k...

Re:$100,000 is not rich. (1)

elucido (870205) | more than 2 years ago | (#39433463)

100k per customer. Multiply by x, with x being everyone and anyone willing and able to join the cyber arms race.

Plus, those 100k are the admission ticket, not the ride fee. Actually getting informed about an exploit and how it works costs extra, and then you WISH it was just 100k...

If it's profitable to do things this way then this might be the beginning of a new industry.

Re:$100,000 is not rich. (0)

Anonymous Coward | more than 2 years ago | (#39433661)

This isn't a new industry; just business as usual with new munitions: shellcode and payloads.

Re:$100,000 is not rich. (0)

Anonymous Coward | more than 2 years ago | (#39433483)

$100,000 isn't cool, you know what's cool ... $100,000,000,000 ...

Just a reminder (3, Insightful)

Opportunist (166417) | more than 2 years ago | (#39433277)

When you're extorting, don't get greedy. At some point it's cheaper to just get rid of you than to pay you.

Re:Just a reminder (2)

elucido (870205) | more than 2 years ago | (#39433487)

When you're extorting, don't get greedy. At some point it's cheaper to just get rid of you than to pay you.

So who is going to do the getting rid of? Google?

Also it's not extortion. Bug testing is Google's job, not ours. Finally you have all these agencies that want to buy exploits, so it's more like weapons trading, but that's basically what the defense industry does anyway. I don't see how this would be extortion but selling missiles to a NATO country isn't?

All Gun Makers Should Be Arrested?! (0, Insightful)

Anonymous Coward | more than 2 years ago | (#39433685)

America is known as the land of the free because of the 2nd Amendment. The right to bear arms. Because guns kill people, they are evil. Those who make guns are evil. They should be arrested for 'thought crimes.'

What is the logical solution, those of lesser intelligence? The government (maybe the U.S. is a leader?) should pay MORE THAN GOOGLE for exploits. Pay a decent salary to 'security researchers.' Encourage a STRONG WHITE MARKET, not a gray or black market.

What is the present situation? The French Company is NOT to blame. They are a 'gray market.' The Black market is allegedly crime organizations. By PAYING MORE than the 'gray market', the WHITE MARKET accomplishes the following goals:

1.) render null the zero day vulnerability
2.) encourage needed expertise to the area; yes, that includes even teenagers who do NOT speak English and write in obscure languages like OCAML.
3.) transparency, which spurs innovation and research.
4.) avoid similarities of the war on illegal drugs.

The war on illegal drugs. Many articles, including Rolling Stone, seem to indicate that WE, the people, ALL OF US have lost in the war on drugs.
1.) plenty of innocent people kidnapped in Mexico.
2.) price of illegal drugs keeps dropping. The seizures (according to government numbers) keep getting SUPER-LARGE.
3.) Prohibition of Alcohol worked well in America and we in the USA should BRING BACK PROHIBITION OF ALCOHOL.
4.) the 'drug cartels' seem to be getting stronger and even more vicious.

There are plenty of automobile accidents in the USA. Auto manufacturers kill people. Ban all auto manufacturers!

The present situation:
1.) US gets the worst of both worlds. All the expertise goes to FRENCH COMPANY. Obviously, they are our allies and would NEVER, NEVER, NEVER spy on our companies. Airbus competes directly against Boeing. But there are no temptations, right?

2.) US companies including INNOCENT BYSTANDERS are afraid of being sued under the DMCA or 'Hollywood copying laws.' This is the BEST AND FASTEST WAY TO STOP small company innovation! RIAA copyright infringement lawsuits.

3.) SONY rootkit is an example of a 'gun maker.' Double standard of justice. SONY spies via rootkit on INTERNATIONAL BASIS? Who cares? The French company is open and honest, it appears. Obviously, here the FRENCH are evil. Yes, that includes the Italians as they are close to France.

Summary: The U.S. is an ANTI-leader or even 'reactionary' in this area. Establish ongoing competitions, with BIG PRIZES, open even to ELEMENTARY SCHOOL STUDENTS, and yes with REAL CASH MONEY. Pay for real experts, not the 'fake ones' that seem to be prevalent. Publish the OPEN information about vulnerabilities and allow fellow citizens to protect themselves.

LASTLY, stoopahs. This INTERNATIONAL TREND is important. Even 'honest security coders' may be tempted to GET PAID BY A FRENCH COMPANY. Go to France on a 'business expense.' Enjoy the chocolate and champagne and the company of FRENCH LADIES - ooh, la la! And do good for NATO, our ally, and do LEGAL INTERNATIONAL BUSINESS.

There are companies in the U.S. doing this! (3, Informative)

Anonymous Coward | more than 2 years ago | (#39433957)

Check out this company: Siege Technologies (http://www.siegetechnologies.com/). I had never heard of them before and have no idea how big they are. But they openly advertise that they have a "Vulnerability Discovery Incentive Plan" in their benefit package (http://www.siegetechnologies.com/careers).

They claim to do work for private companies and the U.S. government. They advertise a "Five year contract awarded to provide DoD with training material on Offensive/Defensive Windows Kernel Security and Development" and are advertising for jobs looking for Reverse Engineers.

Cut out the middleman? (0)

Anonymous Coward | more than 2 years ago | (#39433971)

As corporations are here for profit, I'm actually surprised something like this exists, as companies could "leak" bugs and collect the fees themselves.

Scorched... (1)

guygo (894298) | more than 2 years ago | (#39434105)

Sounds like a good reason for the existence of Napalm to me. I wonder how their browser exploits would work against that?