[ale] DMCA Protests]
Jonathan Rickman
jonathan at xcorps.net
Tue Jul 24 14:18:47 EDT 2001
On Tue, 24 Jul 2001, Joseph A. Knapka wrote:
> Absolutely. If it's illegal to make security-defeating tools, then
> there is no real security, only the illusion thereof. If Adobe or
> anyone else is using the DCMA as an excuse to avoid supplying real
> security in their products, they're idiots, because mere illegality
> never stopped anyone. (OK, it stops some people, but not everyone.)
You just hit the nail right on the head. I enjoy computer security research.
Thus, I am in posession of tools and exploit code that serves absolutely NO
purpose other than circumventing / testing the security of a given system. Were
this made illegal, I'd have to give up that part of my research. The bad guys,
however, are already breaking the law. Thus, they could care less about the
"tools of the trade" being illegal.
I make these tools available on the web and have wrestled with the ethical
issues raised by publishing "sploits". Someday, I may take them offline...but
that should be my choice, not some company who cant manage to develop a secure
product. There are two schools of thought in the security community regarding
that subject. I fall somewhere in the middle of the two. I support publishing
vulnerability information once the vendor has released a patch (or has been
given reasonable time to do so). To me, it's like a history book. Those who dont
study it, are doomed to repeat it.
--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list