Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations

["andrew.wallace" <andrew.wallace () rocketmail com>]

On Thu, Feb 4, 2010 at 11:25 PM,  <a.harrowell () gmail com> wrote:
> -original message-
> Subject: Re: lawful intercept/IOS at BlackHat DC, bypassing and recommendations
> From: "andrew.wallace" <andrew.wallace () rocketmail com>
> Date: 04/02/2010 11:09 pm
>
> On Thu, Feb 4, 2010 at 8:19 PM, Gadi Evron <ge () linuxbox org> wrote:
> > "That peer-review is the basic purpose of my Blackhat talk and the
> > associated paper. I plan to review Cisco’s architecture for lawful intercept
> > and explain the approach a bad guy would take to getting access without
> > authorization. I’ll identify several aspects of the design and
> > implementation of the Lawful Intercept (LI) and Simple Network Management
> > Protocol Version 3 (SNMPv3) protocols that can be exploited to gain access
> > to the interface, and provide recommendations for mitigating those
> > vulnerabilities in design, implementation, and deployment."
> >
> > More here:
> > http://blogs.iss.net/archive/blackhatlitalk.html
> >
> >        Gadi.
>
> For the sake of clarity and transparency,
>
> Gadi Evron has absolutely no connection to this research whatsoever.
>
> He is famous in the security community for piggybacking off other peoples research.
>
> We are frustrated with him as much as we are annoyed.
>
> Andrew
>
> Security consultant
>
> CITATION NEEDED


You can goto Full-disclosure mailing list 
http://www.grok.org.uk/full-disclosure/ and ask about "Gadi Evron".

There will be plenty folks there who will tell you he is involved in 
plagiarism.

Andrew

Security consultant