Full Disclosure mailing list archives

Re: Multiple Backdoors found in eEye Products (IRIS and SecureIIS)

From: Dave Aitel <dave () immunitysec com>
Date: Mon, 03 Jan 2005 10:30:55 -0500

Daniel H. Renner wrote:

I recall an interview with a highly placed security executive back in
the later '90s.  In this interview he lamented being in the security
business in the United States with a line similar to:

"If you create and announce a security product in the United States, you
will very shortly have the NSA entering your premises and demanding 'Ok,
where is our backdoor?'"

And remember, eEye was started after one of it's co-founders woke up to
federal guns pointed at his head one fine morning, having been mistaken
as someone who had penetrated somewhere he shouldn't have.

Not to bash my own country here but, this leads to a question: How can
any security product, sub-product or service created in the U.S. hold
credibility even with the good intentions that the creators may have
originally had?

It's an interesting question, and Immunity answers it in this email wesent to DailyDave a while back.


http://archives.neohapsis.com/archives/dailydave/2004-q3/0206.html

Dave Aitel
Immunity, Inc.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Multiple Backdoors found in eEye Products (IRIS and SecureIIS) Daniel H. Renner (Jan 06)
- Re: Multiple Backdoors found in eEye Products (IRIS and SecureIIS) Valdis . Kletnieks (Jan 04)
- Re: Multiple Backdoors found in eEye Products (IRIS and SecureIIS) Dave Aitel (Jan 06)