[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
lawful intercept/IOS at BlackHat DC, bypassing and recommendations
- Subject: lawful intercept/IOS at BlackHat DC, bypassing and recommendations
- From: andrew.wallace at rocketmail.com (andrew.wallace)
- Date: Thu, 4 Feb 2010 15:58:44 -0800 (PST)
- In-reply-to: <[email protected]>
- References: <[email protected]>
On Thu, Feb 4, 2010 at 11:25 PM, <a.harrowell at gmail.com> wrote:
> -original message-
> Subject: Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations
> From: "andrew.wallace" <andrew.wallace at rocketmail.com>
> Date: 04/02/2010 11:09 pm
>
> On Thu, Feb 4, 2010 at 8:19 PM, Gadi Evron <ge at linuxbox.org> wrote:
>> "That peer-review is the basic purpose of my Blackhat talk and the
>> associated paper. I plan to review Cisco?s architecture for lawful intercept
>> and explain the approach a bad guy would take to getting access without
>> authorization. I?ll identify several aspects of the design and
>> implementation of the Lawful Intercept (LI) and Simple Network Management
>> Protocol Version 3 (SNMPv3) protocols that can be exploited to gain access
>> to the interface, and provide recommendations for mitigating those
>> vulnerabilities in design, implementation, and deployment."
>>
>> More here:
>> http://blogs.iss.net/archive/blackhatlitalk.html
>>
>> Gadi.
>
> For the sake of clarity and transparency,
>
> Gadi Evron has absolutely no connection to this research whatsoever.
>
> He is famous in the security community for piggybacking off other peoples research.
>
> We are frustrated with him as much as we are annoyed.
>
> Andrew
>
> Security consultant
>
> CITATION NEEDED
>
You can goto Full-disclosure mailing list
http://www.grok.org.uk/full-disclosure/ and ask about "Gadi Evron".
There will be plenty folks there who will tell you he is involved in
plagiarism.
Andrew
Security consultant