Mike Lynn says he received a tip that the FBI has now also dived into the file related to the Cisco router bugs. Lynn resigned from ISS on Wednesday after being threatened with legal action if he did not cancel or change his talk about major bugs in Cisco routers at the Black Hat security conference. In his own words, he tracked down these bugs at the request of his employer. Meanwhile, Lynn reached an agreement with Cisco and ISS under which he would face no further liability, but in exchange would have to provide a copy of all of his computer data to verify whether he was committing criminal offenses such as stealing confidential information.
Lynn’s attorney, Jennifer Granick, said the FBI is investigating her client. This would involve an investigation following the presentation, which will probably be shut down shortly due to lack of evidence, now that the parties have reached an agreement among themselves. She also emphasizes that Lynn has not been charged and that no case is pending in court. Plus, the FBI has its reasons to be cautious.
In 2001, a Russian programmer, Dmitry Sklyarov, attended DefCon to hand out CDs describing how to circumvent the copy protection on Adobe’s digital books. Adobe filed a complaint and Sklyarov was arrested before boarding a plane to his home country, sparking a wave of protests against the company. Due to the much negative publicity, Adobe was forced to withdraw the complaint and the government had to let Sklyarov go again. Granick therefore stated that the amicable settlement that Lynn reached with both companies is sufficient not to be charged. If the story still gets a tail, there is still time to worry, says Granick.