Cisco Source Code Up For Sale: Only $24,000 292
spackbace writes "The notorious, mysterious Source Code Club (SCC) has re-emerged, this time selling source code for a Cisco application in another blatant violation of copyright regulations.
Believed to be an anonymous collection of hackers, the SCC this week announced in a posting on a group Web site that it is offering the complete Cisco Pix 6.3.1 source code for US$24,000. Cisco Pix is a firewall application providing security, intrusion protection, network monitoring and other services for business and carrier networks."
Pirated? (Score:1, Interesting)
Proof open source is better. (Score:1, Interesting)
Best to start open source from the beginning. F/OSS is clearly a culture of more balanced individuals.
oh well (Score:5, Interesting)
Also the 'IDS' features of the pix are static and pretty mundane and not tied to the IDS product so i am sure most people know how to get around them.
Weekend project (Score:4, Interesting)
2)Purchase Linksys W54G from BestBuy
2.5) Port SCC code onto W54G.
3)Resell Modded Linksys W54G to Fry's Electronics
4)Profit!!!!
Re:Money exchange? (Score:5, Interesting)
Of course, there's also the chance they could totally get away with it too...but not likely. Criminals always think they're smarter then the people after them, but they only have to make one mistake to kiss it all goodbye. Or just wait until the statute of limitations is up.
Out of Date (Score:3, Interesting)
Why trust these guys? (Score:4, Interesting)
The SCC team does not expect you to trust us. To address this problem, we will split up the information into many files and you may purchase each part for a fraction of the total price. As your confidence grows with SCC, you may feel compelled to purchase these parts in bulk. Here is an example:
We are offering you a ~1 gigabyte compressed file for $10,000. We offer this file in 20 50 megabyte parts at $500 per part (10,000/20). You send us $500, we send you part 1. You send another $500, we send part 2. You choose to send $1000 and we send parts 3 and 4, etc etc. The rate that you purchase pieces is entirely up to you. As your confidence grows, we know that you will choose bigger pieces.
We also include detailed instructions on how to decrypt and put together the peices, it is a simple process that can be done with any unix computer.
The problem with this scheme is that critical elements of the source can be intentionally withheld and that those pieces could be sold in all likelihood at a ridiculous amount. I mean if a moronic company actually decided to buy source code from these guys, and they are spending $5,000 on each "piece" of the code, they will want the entire thing. This goes beyond just scamming the software companies... this is almost similar to a Nigerian 419 scam [rica.net] in a way.
Re:Anonymous collection of hackers? (Score:5, Interesting)
put it on eBay, make money (Score:2, Interesting)
Put it on eBay and people will pay 4 times what it's worth, then re-sell it for half what they bought it for 2 months later. Reverse-economics.
Re:Not even close (Score:3, Interesting)
Stateful packet filtering is not an art. You could just as easily look at the code for a BSD-licensed packet filter, and get the same functionality.
You could bribe someone who has signed an NDA for less than $24,000, and you'd get actual specs, not just source code. It wouldn't be any MORE or less illegal. Cisco is going to suspect something when your product can interact with all the products it does.
Exactly... It's not legal, so any commercial use of it will end badly. So what's left to do with it? Finding exploits is the only one I can come up with.
Re:Pointless (Score:2, Interesting)
I don't know if the parent was being sarcastic, but here in my town, the police actually encourage this behavior.
We've had several home invasion robberies where people's marijuana and cash were stolen, who called the police, and had no charges pressed against them.
Our local police chief said he'll never prosecute people under these circumstances... his opinion is that it's better to get the people off the streets performing these robberies than it is to lock up these unlucky potheads, and thus he doesn't want them to be afraid to call the police.
Of course I live in Northern California as well, so that could have something to do with it...
Re:Why bother? (Score:3, Interesting)
Just for yuks, you might want to consider M0n0wall [m0n0.ch]. I'm evaluating it for a client right now, and it's very impressive (BSD-based with a good PHP interface.) I'm running it on a PCEngines WRAP 1C-2 [pcengines.ch] board (cheaper & faster than Soekris) and it works a charm (I ditched my cantankerous PC firewall for this a while ago.)