Bugtraq mailing list archives
Re: OT: Copyright on Security advisories
From: dgranzow () GUNZOUR ISBU DIGEX NET (Doug Granzow)
Date: Fri, 19 Feb 1999 14:57:18 -0500
On Thu, 18 Feb 1999, Aviram Jenik wrote:
So what are my options (mine, and all the other folks who want to publish this information)? The way I see it, I can only do copy & paste of this information into an html page (including the PGP signature!!!), and put it on-line. I agree that this advisory has a very nice design to it, but it's way different from the design of our web pages. The content is also different. The target audience is different. These advisories are usually long, and very technical. Our articles are short, and less technical.
Copyrights do not prohibit you from referencing or summarizing the copyrighted work, as far as I know. A copyright protects the document itself, it does not protect the facts presented in the document. It doesn't sound to me like anything you are doing or wanting to do violates any copyright. If you want to shorten and summarize the advisory, you should feel free to do so, so long as you make it clear that your document is not the original, give credit where credit is due, and provide a reference to where someone can locate the original advisory. There is a very good reason to copyright, PGP sign, and prohibit modifications to security bulletins. When people start paraphrasing and editing security bulletins, there is a pretty good chance that the accuracy of the information is diluted, if not completely destroyed. Well-written advisories are usually very carefully worded to provide accurate information. (Unfortunately it seems that more and more often they are also carefully worded to promote a product or an organization of some sort.) Doug Granzow - I am not a lawyer. My opinions are my own, not my employer's.
Current thread:
- Re: [proftpd-l] root compromise ? (fwd) Rodrigo Campos (Feb 09)
- Re: [proftpd-l] root compromise ? (fwd) Joe Schmo (Feb 12)
- Re: [proftpd-l] root compromise ? (fwd) monk (Feb 13)
- Re: [proftpd-l] root compromise ? (fwd) Dirk Moerenhout (Feb 13)
- Possible Netscape Crypto Security Flaw Haze (Feb 14)
- Re: Possible Netscape Crypto Security Flaw Pete Krawczyk (Feb 16)
- snap utility for AIX. Larry W. Cashdollar (Feb 17)
- Re: snap utility for AIX. Brian Hauber (Feb 18)
- mSQL vulnerability. Christofer C. Bell (Feb 17)
- OT: Copyright on Security advisories Aviram Jenik (Feb 18)
- Re: OT: Copyright on Security advisories Doug Granzow (Feb 19)
- Re: mSQL vulnerability. John W. Temples (Feb 18)
- Re: [proftpd-l] root compromise ? (fwd) Joe Schmo (Feb 12)
- Debian GNU/Linux 2.0r5 released (fwd) Jamie Fifield (Feb 17)
- Regarding passwords in registry keys. Ash (Feb 19)
- Re: [proftpd-l] root compromise ? (fwd) Nic Bellamy (Feb 14)
- Re: ICQ99 crash Eric J. Stevens (Feb 15)
- Re: ICQ99 crash Joe Stewart (Feb 16)
- Re: ICQ99 crash Timothy Doane (Feb 16)