Re: Reverse Engineering - Legality

[Jeffrey Walton <noloader () gmail com>]

Hi chintan,

> I will do some additional research, I believe that should help.
Also see David Musker's "Protecting & Exploiting Intellectual Property
in Electronics." He discusses quite a few rulings, including Sega
Enterprises Ltd v. Accolade (OK for Accolade to use 20-25 bytes of a
Sega cartridge-based security device) and Atari v. Nintendo (copying
for is OK under fair use, but using the Copyright Registry as a cheat
sheet infringed).

Jeff

On Wed, Jun 30, 2010 at 9:14 PM, chintan dave <davechintan () gmail com> wrote:
> Thanks for your prompt response Jeffrey.
>
> I will do some additional research, I believe that should help.
>
> On Wed, Jun 30, 2010 at 5:59 PM, Jeffrey Walton <noloader () gmail com> wrote:
> > Hi Chitan,
> >
> > A few years back, I spoke with an EFF lawyer on RE and interop. He
> > told me that some RE was legal for interop purposes [1]. However, we
> > never spoke in terms of a security assessment. I suppose the next step
> > is to understand the legal points of "doctrines of merger" and "scenes
> > a faire".
> >
> > Jeff
> >
> > [1] "...the courts are willing to allow a limited amount of reverse
> > engineering of copyrighted materials for the purpose of achieving
> > interoperability between computer products as long as the final
> > product does not contain any infringing code. When it does contain
> > such code, it may at times also be excused under the doctrines of
> > merger and scenes a faire if it is necessary to achieve
> > interoperability or functions as a lockout code."
> >
> > On Wed, Jun 30, 2010 at 10:23 AM, chintan dave <davechintan () gmail com> wrote:
> > > Hi Experts,
> > >
> > > I need a small help from you.
> > >
> > > Is RE legal for security assessments of products purchased from vendors?
> > >
> > > There has been a bit of confusion around RE topic.
> > >
> > > I know it is illegal to do RE to steal the idea, however this one, I
> > > need feedback from you folks.
> > >
> > > If you can share some authoritative resources that could confirm on
> > > the legality/illegality, it would be great.
> > >
> > > --
> > > Regards,
> > > Chintan Dave,
> > >
> > > LinkedIn: http://in.linkedin.com/in/chintandave
> > > Blog:http://www.chintandave.com
> > >
> > > ------------------------------------------------------------------------
> > > This list is sponsored by: Information Assurance Certification Review Board
> > >
> > > Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB 
> > > CPT and CEPT certs require a full practical examination in order to become certified.
> > >
> > > http://www.iacertification.org
> > > ------------------------------------------------------------------------
>
>
>
> --
> Regards,
> Chintan Dave,
>
> LinkedIn: http://in.linkedin.com/in/chintandave
> Blog:http://www.chintandave.com

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------