Re: Comment on DMCA, Security, and Vuln Reporting

[Stephen Samuel <samuel () bcgreen com>]

If something like this HP attack on security research actually flies
in court, then I think there is a very good chance that it can be killed
on the basis of the first amendment.

To play with the analogy used in one supreme court decision on the first
amendment:

   This law makes it illegal to stand up and yell "fire" in a crowded theatre--
   but only if there really is a fire.

Richard Forno wrote:
> Given the recent news about HP using DMCA to shutter a Bugtraq disclosure of
> Tru64 vulnerability, I felt it appropriate to chime in. I hope you find my
> comments of-value and worthy of relaying onto the list.
.....
> The way we're going, thanks to HP's legal geniuses, we may as well call
> NIST, NSA, SANS, and IETF to rewrite a new 'industry standard' definition
> for 'computer security' that places the vendor's profit and public image
> above the confidentiality, integrity, and availability of end-user data and
> systems. For all intents and purposes, Congress has already done that with
> DMCA and Berman's proposed "Hollywood Hacking" Bill -- they just forgot to
> inform (or seek counsel from) those of us working in the real information
> security community.
>
> Bleeping idiots. Congress and Corporate America. When it comes to technology
> policy, neither has the first clue . No wonder we're in the state we're in.


--
Stephen Samuel +1(604)876-0426                samuel () bcgreen com
                   http://www.bcgreen.com/~samuel/
Powerful committed communication, reaching through fear, uncertainty and
doubt to touch the jewel within each person and bring it to life.