Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Crime Canada Networking The Courts Your Rights Online

Cisco Accused of Orchestrating Engineer's Arrest 160

alphadogg writes "Cisco Systems orchestrated the arrest of Multiven founder Peter Alfred-Adekeye last year in order to force a settlement of Multiven's antitrust lawsuit against Cisco, a Multiven executive said on Wednesday. Multiven, an independent provider of service and support for networking gear, sued Cisco in 2008, alleging that the company monopolized the market for its software. Cisco countersued, charging that Alfred-Adekeye hacked into Cisco's computers and stole copyrighted software. In May 2010, Alfred-Adekeye was arrested in Vancouver, Canada, on 97 counts of intentionally accessing a protected computer system without authorization for the purposes of commercial advantage, according to his arrest warrant. He could be sentenced to 10 years in prison and a $250,000 fine if convicted. The arrest came to light only this week after local Vancouver press reported it."
This discussion has been archived. No new comments can be posted.

Cisco Accused of Orchestrating Engineer's Arrest

Comments Filter:
  • MateWan (Score:1, Offtopic)

    by alphatel ( 1450715 ) *
    Remember the coal labor camps of the early 1900's where workers were brutally beaten and arrested if they didn't serve the company? Where even the most cooperative fellow would 'owe his soul to the company store'?

    What's the difference nowadays with the way that major corporations treat their workers, and all in the name of serving the CEO's paycheck.
    • The difference is that this isn't the company's worker, it's a competitor they're harassing. At least if you're being treated that way by your boss, you have the option to go elsewhere.

      I see this suit akin to Dell having someone arrested for changing their BIOS settings or replacing their graphics card.. granted, I've only read the summary, but I don't see how they can get away with it..

    • You're seriously comparing getting beaten to getting arrested for a crime you've committed?

      The simple solution to prevent the arrest would have been to not commit a crime.

      If you come after me with a lawyer, you're a rather stupid individual if you don't expect my response to be an all out assault on you with every weapon I have available.

      The guy wasn't a Cisco employee.

      The difference is ... no one gets beaten today. You're free to work elsewhere. The only reason you aren't free to work else where is becau

      • The simple solution to prevent the arrest would have been to not commit a crime.

        The only way you could know he actually did do it is if you hacked into his system and saw the evidence. Expect to be arrested on 100,000 counts of hacking into a computer system (each bit you saw counts as a separate bit of information you stole without authorization).

        If you'd RTFA, he was arrested in Canada on a court order from the USA based on non-existance evidence provided by Cisco. Only Cisco denies it, they claim t

    • by bl8n8r ( 649187 )

      > What's the difference nowadays with the way that major corporations treat their workers, and all in the name of serving the CEO's paycheck.

      They didn't have penicillin then.

    • Re: (Score:3, Insightful)

      by nomadic ( 141991 )
      "Remember the coal labor camps of the early 1900's where workers were brutally beaten and arrested if they didn't serve the company?" Ahh, if only we could return to that libertarian utopia again.
      • by butlerm ( 3112 )

        There isn't a libertarian on the planet who doesn't believe that the government should protect against force and fraud.

        • There isn't a libertarian on the planet who doesn't believe that the government should protect against force and fraud.

          Just that they should find a way to do it with no money and little power, right?

      • Yes, because brutally beating workers is such a libertarian ideal.

        My goodness, when I read Mises's work on Human Action, where he talked about his experience as a young man wandering around the labor camps, beating the workers to increase productivity, I shed a tear thinking about how I wish it were me...

        Except that none of the above is true, especially the parent's post.

        Go read a book, and you will learn. Or keep voting for the R's and D's, and you can stay in your box.

  • by erroneus ( 253617 ) on Thursday April 21, 2011 @08:51AM (#35892994) Homepage

    Not only are Cisco devices over-priced from the beginning, they are somehow not liable for the problems they might have when vulnerabilities are discovered. Fixes are only available after Cisco is paid for them and, once again, the fixes come without guarantees as well.

    Most people never get close enough to the networking hardware and infrastructure to experience this and so they remain under most people's radar. But as the article states, other vendors do not charge for updates.

    By industry standards and practices, they are definitely "not usual." But is it illegal? Are they abusing monopoly power? I guess that's for a court to decide. But if it can be shown that Cisco fabricated evidence that resulted in the criminal arrest of someone who has filed legal action against Cisco, then huge problems should result for Cisco executives including but not limited to prison time. I find this to be a very interesting case indeed. I hope we can follow this case in more detail as new information comes out.

    • by raddan ( 519638 ) * on Thursday April 21, 2011 @09:14AM (#35893272)
      The thing that surprises me the most is how often IT workers think that they need Cisco gear. There is very little that Cisco devices can do that cheaper third-party-- and sometimes even commodity hardware!-- cannot do. That is, unless you're running a proprietary Cisco routing protocol, or need to feel the mystique of running 'enterprise' gear.

      We dumped our Cisco gear years ago after attending a presentation on OpenBGP (in which the presenter talked about routing his Internet2 connection with a P4) and we haven't looked back since. And the equivalent Cisco machines for our border routers cost an order of magnitude more.
      • You don't buy Cisco because of the features, you buy Cisco because of TAC. At 2:30 AM when you have 96 phone lines down, the call center opens in 3 hours, and you're getting call supervision with no voice traffic, you call TAC. I got an engineer out of their Sydney office on the phone in 14 minutes, and we had the problem resolved within an hour. (It was a telco provisioning problem.) Having someone on hand to support a problem 24 hours a day, and a supply chain that can send a part out in 4 hours is a safety net worth paying for.

        • by Anonymous Coward

          This, and Cisco is also the IBM of networking gear (IBM as in "nobody ever got fired for buying IBM").

          Imagine you're in charge of buying network gear, and you go for a smaller, unknown vendor. Later on, if there's problems, your boss (and your boss's boss) will be saying "why didn't you go with Cisco? If you did, we wouldn't have these problems!". If you DO go with Cisco, and there's problems, then even if they're not solved quickly and satisfactorily, you can still say "don't blame me, I went with Cisco".

        • I haven't had a helpful TAC engineer in something like 5 years, and then only because we'd spent hours with their low-level filter people, correcting the SQL statements they were attempting to run over their remote session. They ended up replacing most of the hardware in the server (which was a nightmare in and of itself... and took far more than 24 hours) only after having us wipe and rebuild it from scratch, and that system still doesn't operate quite right. TAC is the thing that SmartNet is LEAST usefu
          • Agreed, our TAC experiences have been horrible in the last 2-3 years. We are fairly small (1200 users) but worldwide, and every time we want to get something fixed or new hardware it seems to take longer to get it done.

            NOT a fan.

        • by Anonymous Coward

          Cisco is not the only network vendor with 24x7 TAC! We dumped Cisco several years ago for Foundry (now Brocade) and Juniper. Both have same level of T

        • Re: (Score:3, Interesting)

          by raddan ( 519638 ) *
          I contend that you'd be better off using the money saved to develop in-house expertise. Firstly, an organization's network is domain-specific knowledge in the extreme. Secondly, smarter engineers tend to result in better network designs, e.g., the kind that do not have the kind of urgency that they need to be fixed in the middle of the night. Your own people should be better at solving those kinds of problems, or else they're not earning their paychecks. Outsourcing gruntwork, fine. Outsourcing thinkin
        • by IICV ( 652597 )

          Having someone on hand to support a problem 24 hours a day, and a supply chain that can send a part out in 4 hours is a safety net sometimes worth paying for.

          There, fixed that for you - a lot of companies who buy Cisco products don't need that level of support, and yet are paying for it anyway because Cisco is the "enterprise" solution.

        • by sjames ( 1099 )

          Some buy it because of TAC. A few of those even actually need it and can justify the cost. Others buy it used (for more than some new equipment would cost) because they can't afford it otherwise and then don't pay for any sort of Cisco support. Those are the ones to wonder about.

          At one time in networking, you almost had to at least put Cisco gear out front because otherwise any problem at all would be blamed on you (even if it was likely a Cisco quirk). That's just not the case anymore. I certainly don't mi

      • by rgmoore ( 133276 )
        It's called advertising. Even supposedly independent minded engineers will start to believe that Cisco gear is better than the other guy's if he hears it often enough.
      • by nharmon ( 97591 )

        People who learn on Cisco hardware tend to think of networking concepts in terms of how Cisco presents and manages them. A good example is 802.11Q. Cisco has this concept of trunking that a lot of other hardware vendors facilitate through simply tagging/non-tagging. If all you know about networking is what you learned from Cisco Press(tm), you will have a hard time getting that HP switch to pass tagged frames to your Cisco network, and ultimately give up saying "Ugh, HP switches suck, we need Cisco gear".

      • We dumped our Cisco gear years ago after attending a presentation on OpenBGP (in which the presenter talked about routing his Internet2 connection with a P4) and we haven't looked back since. And the equivalent Cisco machines for our border routers cost an order of magnitude more.

        My institution also dumped Cisco. It is USU - Utah's land-grant university. We have about 30K students/faculty/staff and about 200 buildings.) Our experience has been very positive.

        Years ago, we did a cost analysis and decided that Cisco didn't make financial sense. We could do everything we needed with cheaper, commodity devices.

        So, for the next couple years, all upgrades/replacements were to simpler structures. To non-proprietary protocols. And to non-Cisco equipment. We have been Cisco-Free for about 7 y

    • Sonicwall also charges for updates. If there's a vulnerability in 5.5 and you don't have a support contract with them then you can't download 5.5.1.

      Its an industry problem. These companies need to offer security updates for free. If this means rolling the cost of the support contract into the device itself, then fine, but the status quo of buying something and only having 30 days of updates is terrible.

    • Are they abusing monopoly power?

      Generally, in order to 'abuse monopoly power' they actually have to be a monopoly, and they are about as far from it as you can get. They are exclusive providers of nothing. They happen to be devices that people (us router flunkies) happen to approve of and use in most cases, but they aren't the only game.

      Cisco fits the middle ground areas well, but you don't use them at the high end. Juniper can provide bandwidth Cisco simply can't handle. You don't use them at the low end as they are just over priced,

      • by erroneus ( 253617 ) on Thursday April 21, 2011 @09:57AM (#35893892) Homepage

        According to what I read, the "evidence" to support his arrest has not been produced and delivered to the Canadian authorities. The claim of intrusion was made by Cisco to the US Secret Service. (The US Secret Service wouldn't just do this without a complaint or someone in high places issuing the directive after all.)

        So this guy was arrested on criminal charges for which no evidence has been provided. This smells "not right" somehow.

        • I am no lawyer but this is only a problem once he is convicted. Or did I miss the fact that he is being deprived of a chance to defend himself in court?

          In all seriousness, I get your point. But there is a major difference between "arrested" and "convicted". Arrested just means "you'll have your day in court". So this fight is far from over and any bad smells you are smelling will most likely be eliminated by the time this is all over.
          • by Sique ( 173459 )

            You can't even arrest someone without a minimum of evidence, may it be completely circumstantial.

      • Until now, I would have assumed there was no possible way Cisco could count as a monopoly. To many competitors with sizable market share, and real competition from some big dogs like IBM for parts of that share, would say Cisco simply couldn't pass the monopoly test part of antitrust law.

        But, having some parts of the federal judicial system available to issue warrants without probable cause is certainly an asset their competitors show no signs of having or misusing. The normal list of assets that could mak

      • by sjames ( 1099 )

        The allegation is that they are the sole provider of critical fixes to bugs in Cisco products that should never have been allowed out the door in the first place.

        They certainly ARE the sole provider. The idea is that they have a duty to fix factory defects for free, yet they leverage their status as sole provider to force people into support contracts in order to get those critical fixes, and so freeze out 3rd party support.

        The legal concept of monopoly goes well beyond the simplistic and almost never achie

    • Not only are Cisco devices over-priced from the beginning, they are somehow not liable for the problems they might have when vulnerabilities are discovered. Fixes are only available after Cisco is paid for them and, once again, the fixes come without guarantees as well.

      But I thought the reason to go with proprietary solutions was accountability? And what does all that certification mean if it doesn't come with a guarantee?

      • by sjames ( 1099 )

        In my experience any way, the certifications DO come with a guarantee. People who are Cisco certified will almost certainly come up with a "solution" that is baroque, brittle, and expensive compared to what a more generally educated network engineer would devise. They'll also swear blind that the other guy's solution can't possibly work because he didn't do it the "official Cisco way" (even while it is actively working).

    • by MECC ( 8478 )

      switching packets from NIC 1 to NIC 2

      That because cisco has leveraged hardware extensively for just that purpose. It's rare for CPU to get involved in forwarding a frame or packet on a cisco router or switch. That's in part why they're so expensive - its all done in ASICS, and even the memory is hard-wired for bitmasking searches.

  • Government by the corporations, for the corporations.
    War is Peace; Freedom is Slavery; Ignorance is Strength.
    With slavery and injustice for all (except the CEO).

    Remember that Cisco probably sold a lot of equipment to China to build its 'Great Firewall'.
    Dont believe me? Check it out:
    http://www.wired.com/threatlevel/2008/05/leaked-cisco-do/ [wired.com]

    I hope Cisco pays through the nose for this.

    • by Anonymous Coward

      The Cisco equipment are used in Golden Shield Project. It is not the same as the Great Firewall. -- the Great Firewall was there long before Golden Shield started.

  • Re: (Score:2, Insightful)

    Comment removed based on user account deletion
    • by MECC ( 8478 )
      Cisco warranties are strange creature indeed. In order to get a bug fix on warrantied products, you must have a TAC login. In order to have a TAC login, you must have a smartnet contract. Technically, the warranty is a temporary smartnet contract (I've searched their database using the serial # of new equipment under warranty but not smartnet net, not found it, then called cisco and they pull a smartnet contract number up)

      Its really messed up, but what it boils down to is that if you want to get a bug
  • Denies it and makes claim against the other party. More at 11!

    it will be interesting to see what evidence they do have. His claim maybe valid - but I don't find the fact he refutes it anything special.
    • He was arrested 10 months ago and the USA is refusing to disclose the evidence, not even acknowledging requests. They want him extradited based on secret charges over sealed and classified evidence.
  • by Wrath0fb0b ( 302444 ) on Thursday April 21, 2011 @09:32AM (#35893518)

    OK, this guy is a Cisco competitor involved in some legal dispute with the company that's being resolved in a civil court. He also is suspected on reasonable grounds to have committed a bona-fide crime against the company at the same time -- Cisco asks law enforcement to investigate the crime and arrest the criminal. That's not 'orchestrating' anything, nor does his status as a competitor that's suing the company have anything to do with the matter. Lawsuit or not, no one is entitled to break into Cisco computer systems -- the law doesn't say "You cannot gain unauthorized access to a computer system unless it is owned by a douchebag corporation that overcharges and dicks over the used market".

    There is no mention in TFM (which is largely sourced from unnamed "Multiven Execs" -- unlikely to be objective) that Cisco fabricated the evidence of the break-in or conspired to entrap the guy. He committed a crime, they sought his arrest which is 100% within their rights. They don't surrender protection of criminal law just because they are douchebags.

    Since /. loves car analogies, suppose we got in a car accident that was totally your fault but you dispute that and want a trial. Then on the night before the responsibility hearing, I throw a brick through your windshield. Does the merits of the civil trial have anything to do with whether I can be arrested? Would it matter if you were universally considered to be a jerk that screws everyone over?

    • My guess is the lawsuit actually brought to Cisco's attention that they had been hacked because he had access to information that was only available through Cisco. It's likely that his lawsuit is how the crime was discovered so I find no reason to be sympathetic to him. If you are going to break the law then sue someone using the information you obtained breaking the law you shouldn't be surprised if you are arrested for it.

      • by MECC ( 8478 )
        Were they really broken into? Or did he download bugfixed IOS images for redistribution to his customers with cisco gear?
        • Were they really broken into? Or did he download bugfixed IOS images for redistribution to his customers with cisco gear?

          Why 'or' and not 'and/or'? He could have accessed their system without authorization and used that access to download IOS images.

          There's still nothing about any particular content on any computer system that entitles an individual to access it without permission from the owner.

          • by MECC ( 8478 )

            Why 'or' and not 'and/or'?

            Because if he had a cisco login id, he didn't break in.

            • Because if he had a cisco login id, he didn't break in.

              According to TFA (or linked from TFA), he is alleged to have used a login belonging to his former coworker (he used to work at Cisco).

              Using someone else's credentials is fairly clearly an unauthorized use of a computer system, at least in such cases where the owner does not give that user permission to let others use his or her login.

    • by squallbsr ( 826163 ) on Thursday April 21, 2011 @10:32AM (#35894556) Homepage
      The orchestrating part is where the evidence of the crime (required for the extradition) hasn't been sent to the Canadians yet. They've had 10 months to provide evidence of the crime, but have not been able to produce it. So, the civil case, which was getting close to going to a Jury trial, got settled because the guy got arrested. This is one heck of a coincidence.
      • The orchestrating part is where the evidence of the crime (required for the extradition) hasn't been sent to the Canadians yet. They've had 10 months to provide evidence of the crime, but have not been able to produce it. So, the civil case, which was getting close to going to a Jury trial, got settled because the guy got arrested. This is one heck of a coincidence.

        It's not a heck of a coincidence to imagine that a party to a lawsuit might break into a protected computer system owned by their opponent for the purpose of gathering evidence to use at trial. It is not a coincidence at all, in fact, that these things would come to light at the same time either since the first Cisco might have learned about the break-in was precisely when some non-publicly available document was entered into evidence. So "10 months" might have been a few weeks from when Cisco was actually

        • It is a hell of a coincidence that a guy who's likely to be a witness in a civil trial got arrested just in time to prevent him from testifying. Is it really hard for you to conceive that Cisco could be playing dirty?
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      The issue here from the article is twofold:

      1- Cisco had the engineer in question (a key witness in a case taking place in the united states) meet them in Canada before he had to make a statement in the united states. At the same time Cisco also identified to a US prosecutor that a hacker had broken into there computers and was fleeing to Canada- indicating that they had evidence. He was subsequently arrested in Canada, and missed his court appearance in the states. Had they just waited he could have been

      • The issue here from the article is twofold:

        Where "the article" is statements from Multiven executives.

        At the same time Cisco also identified to a US prosecutor that a hacker had broken into there computers and was fleeing to Canada- indicating that they had evidence.

        And the DoJ and State seemed to think that the evidence had merit. Are you disputing that the evidence suggests he committed the crime or merely insinuating that?

        I want to make clear that I'm not stating that I think he did it. I'm just saying there is a normal extradition/trial process that we ought to follow to figure out whether he did the crime, same as any other criminal that is accused of a crime. He does not deserve special protection merel

  • by sirwired ( 27582 ) on Thursday April 21, 2011 @10:41AM (#35894750)

    I don't like Cisco's bugfix policy either, but that said, it is not unheard of for enterprise HW/SW vendors to only provide fixes to customers with a current contract. If you haven't paid for a warranty, you aren't entitled to HW fixes, why should you be entitled to SW fixes?

    If you want to pursue anti-trust violations because you think this is unfair, fine, but the WRONG way to go about it is to violate their policies (prior to the change) and then get caught.

    It sounds like this guy's entire business model (providing aftermarket service) is built around getting those fixes. If they were downloaded in the absence of a valid service contract, then I can guess this could be a valid criminal charge.

    • by CKW ( 409971 )

      Very true. But this bit:

      > "..buyers of used gear typically have to send the product in for inspection by Cisco before they can purchase a new contract, which can be an expensive process" ..sounds a bit anti-competitive (or something), effectively making it impossible to sell or buy used cisco hardware.

  • Sounds like any perfectly legit multinational corporation with too much marketshare just keeping "the competetive egde". Does this make anyone else remember Major General Smedley Butler, USMC [fas.org]'s words?

    This is way beyond sad. The last thing IT world needs are extraditions, even if the guy was quilty of the charges. If it takes 10 months to gather (make up) evidence, that makes me think he is innocent. I wonder how they are going to get anything posted as valid evidence, or are the separate laws for evidence a

  • Make sure your flanks are secure before you launch an attack.

  • "97 counts of intentionally accessing a protected computer system without authorization for the purposes of commercial advantage" I wonder how he did this? Did he used some ID/password that belonged to another person? I'm worried because I MAY have done that.
  • The ugly, greedy, juggernaut raises its head to swallow innocent and guilty alike. When does it end?

You know you've landed gear-up when it takes full power to taxi.

Working...