Michael Lynn

From Wikipedia, the free encyclopedia

You have new messages (last change).
Michael Lynn presenting at Black Hat on Cisco IOS vulnerabilities, 2005
Michael Lynn presenting at Black Hat on Cisco IOS vulnerabilities, 2005

Michael Thomas Lynn, also known as Abaddon (after the biblical demon), was born in 1980 in Euless, Texas. He is an American computer security expert currently employed by Juniper Networks.

Lynn was born on September 6, 1980, the youngest child of four. His parents are Thomas Lynn, a social worker and Baptist minister, and Nancy Taylor, an appeals lawyer. Lynn graduated from Trinity High School in Euless, Texas, and then attended the University of Texas at Austin, majoring in mathematics. He was formerly an employee of Internet Security Systems (ISS).

[edit] Cisco controversy

Lynn came to widespread attention in July 2005 following a controversy, informally known as "Ciscogate", that resulted from his research into a major security vulnerability of Cisco IOS, the operating system used on Cisco Systems routers and other networking equipment. The vulnerability concerned IOS' handling of IPv6 packets and whether or not the problem could allow the routers to be exploited remotely. Although Cisco had originally discovered and fixed the flaw in April 2005, they did not inform their users of the true nature or severity of the problem.

Lynn was originally scheduled to present his findings at the Black Hat conference on July 27, 2005. The presentation had been approved by his employer, and did not mention details of any vulnerability. It instead focused on the fact that vulnerabilities in IOS could be exploited, similar to other computer systems. The focus of his presentation was on changing the security mindset surrounding the network infrastructure.

Despite the fact that Lynn had taken considerable care to remove as much technical detail as possible from his presentation, in order to make it more difficult for malicious hackers to duplicate his work, Cisco and ISS still objected to the talk, and threatened legal action just hours before the conference. The Black Hat organizers therefore allowed a team hired by Cisco to literally rip the relevant sections out of all conference materials, a short video of which was soon circulated on the internet.[1]

Lynn was warned by Black Hat not to give his speech and promised the organizers not to. He ostensibly [2] started an alternative talk on VoIP, which was met by booing from the audience. Lynn delivered his previously scheduled presentation despite the implications, bringing him international media attention. Though there have been conflicting reports over the timing and nature of Lynn's departure from his employer ISS [3], Lynn was told by ISS that he would be fired if he made his original presentation. Lynn then resigned voluntarily approximately one hour prior to delivering the original presentation as he had intended.

Lynn was initially represented at the conference by noted Cyber law attorney Jennifer Granick. The lawsuit filed by Cisco and ISS was settled with a permanent injunction upon both Lynn and Black Hat against further disclosure of information on the exploit.[4]

At the 2006 Black Hat event, Mike Lynn was invited by Cisco to attend the after Blackhat Party at PURE at Caesars Palace. Media reports that Mike "crashed" the party by social engineering the host are in dispute. [5] [6]

[edit] References


Persondata
NAME Lynn, Michael
ALTERNATIVE NAMES Lynn, Michael Thomas; Lynn, Mike; Abaddon
SHORT DESCRIPTION Security specialist
DATE OF BIRTH September 6, 1980
PLACE OF BIRTH Euless, Texas
DATE OF DEATH
PLACE OF DEATH

[edit] External link

Retrieved from "http://en.wikipedia.org../../../m/i/c/Michael_Lynn_93fd.html"
In other languages