Computerworld continues its reporting of Cisco’s source code leak, which has many ISPs and major companies re-examining their access control lists.
The problem, apparently, is that 800MB of Cisco source code for the Internetworking Operating System 12.3 and 12.3T systems was found on a Russian website. The Russians took the site down when requested by Cisco, but the feeling is that the bad guys have this code and are exploring it for weaknesses.
Is this a serious threat? Hard to tell. On the one hand, exploits have been found against various operating systems without having the source-code handy. On the other hand, having the source might make it easier to turn a router-crashing exploit into one that might result in a router compromise.
Personally, I think that the real risk in having the source code out is a legal one. With the code out, some enterprising hacker might discover that Cisco’s IOS actually has some copylefted code in it. If that code is present, then it would mean that all of IOS is contaminated and needs to be published as open source… I’m not saying that this has happened, but you gotta let a guy have his dreams…
Our best illustrations of 2022
Our artists’ thought-provoking, playful creations bring our stories to life, often saying more with an image than words ever could.
How CRISPR is making farmed animals bigger, stronger, and healthier
These gene-edited fish, pigs, and other animals could soon be on the menu.
The Download: the Saudi sci-fi megacity, and sleeping babies’ brains
10 Breakthrough Technologies 2023
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.