• United States



by Paul Kerstein

Juniper Hires Cisco Hacker

Nov 07, 20052 mins
CSO and CISOData and Information Security

It looks like there is life after Black Hat for Michael Lynn, afterall. The former Internet Security Systems Inc. (ISS) researcher haslanded a job with networking vendor Juniper Networks Inc. just monthsafter creating an international stir at July’s Black Hat USA conferenceby disclosing information about security weaknesses in Cisco routers.

On Friday, Juniper spokeswoman Kathy Durr confirmed that Lynn had beenhired by her company, but she declined to provide any other details onthe matter.

Lynn was forced to quit his job in order to give the presentation andwas quickly sued by both ISS and Cisco. That lawsuit was dropped afterLynn agreed not to discuss the contents of his presentation.

The security researcher has said he gave the controversial talk inorder to draw attention to a critical issue in the security of theInternet: security vulnerabilities in the software that powers routers.

“I think I did the right thing,” Lynn said after settling the lawsuit.”It was pretty scary, but the real important message was [that] therewas a potential or serious problem coming in the future. It wasn’t toolate to fix it, but you had to take it seriously.”

He may have achieved that goal. Earlier this week, Cisco patched asecond flaw in the Internetwork Operating System that powers itsrouters, saying it was related to the research Lynn had done.

A Cisco spokesman declined to comment on Lynn’s new job.

By Robert McMillan – IDG News Service (San Francisco Bureau)