The Cisco IOS security flaw, exposed by Michael Lynn
, that allows an attacker to take control of a router is currently being analysed
by computer security experts at the Defcon computer-security conference. They have been working around the clock to discover and map out the vulnerability, in spite of Cisco's attempts to keep the whole thing hush hush.
The hackers claim that they have no intention to use knowledge of the flaw to do anything malicious, rather they seek to illustrate the need for Cisco customers to update their software to defend against the possibility of attack. Some believe that the whole issue has been completely blown out of proportion.
Malevolent attackers are more likely to focus on easier targets such as home computers rather than the complex routers that direct traffic across the Internet, said Jon Callas, chief technical officer of PGP Corp., a provider of encryption software.
"An awful lot of the buzz that is going around is buzz because of the use of lawyers and injunctions and lawsuits rather than the actual thing itself," said Callas, who is not involved in efforts to hack the software.