Black Market Offers Cisco's PIX [Firewall Source Code]
NOVEMBER 05, 2004
Source code for Cisco Systems Inc.'s (Nasdaq: CSCO - message board) PIX firewall is up for sale. Too bad
it's not Cisco doing the selling.
An underground group known as the Source Code Collective is offering PIX version 6.3.1 for $24,000,
according to a newsletter posted by the group to Usenet on Halloween.
Little is known about SCC. The group debuted in July with an offer to sell source code from Enterasys
Networks Inc.'s (NYSE: ETS - message board) Dragon Intrusion Defense System for $16,000 as well as Napster
server and client source code for $10,000. Those prices have since gone up to $19,200 and $12,000,
according to the recent newsletter.
Those aren't the only companies in SCC's sights. The newsletter claims the group has virtual reams of
source code to sell, but a full list is only available to previous buyers. "If you are requesting something
from a Fortune 100 company, there is a good chance that we might already have it," the newsletter says. SCC
even takes requests, supposedly assigning a team of hackers to retrieve source code for a price.
The newsletters are posted by someone calling himself "Larry Hobbles" with an email address registered to a
South African domain. SCC originally did its selling through a Web site registered to a Ukrainian domain --
they're a very cosmopolitan crew -- but had to drop that business model, citing concerns from customers.
SCC now communicates with customers through email and Usenet only.
To allay concerns of authenticity, SCC is willing to sell its code in chunks, allowing the customer to
verify that the product appears genuine before purchasing the whole thing.
The PIX sale is Cisco's second significant source-code scandal this year. In May, hackers claimed to have
stolen the code for one version of the company's Internetwork Operating System (IOS) and posted part of the
bounty on a Russian Web site. A British man was arrested in September, but few other details of the
investigation have emerged. (See Cisco's IOS Code 'Compromised' and Cisco Code Hacker Arrested .)
� Craig Matsumoto, Senior Editor, Light Reading