Full Disclosure mailing list archives
Symantec Buys SecurityFocus, among others.
From: full-disclosure () lists netsys com (Ed Moyle)
Date: Fri, 19 Jul 2002 09:41:55 -0400
On Thursday, July 18, 2002 22:57, Brian Hatch wrote:
This and other 'Protect your code with the DMCA' ideas are
interesting.
So we lock down our exploits with crappy encryption, hope someone uses them, and sue. Hopefully we win, and we get a nice check.
And the DMCA has just been upheld in court.
It does make a point about the stupidity of the DMCA, though... Win or lose, there is victory. If you win, somebody stealing your work gets slapped. If you lose, the DMCA is weakened. However, I spent some time thinking about this yesterday, and I've come to the conclusion that I *want* the "good guys" to be able to scan for exploits. If, through my actions, I make it harder for somebody to defend their network or whatever from attack, I don't want that. That's the reason I think most people post vulnerabilities anyway: they want to help the community rather than hurt it. It is just a shame that many companies don't have the same morality, and simultaneously make it harder for the good guys to fight the good fight and make money off of the work that people are freely donating. It is a problem in my opinion. I don't care if I don't get any credit or cash from research; that's not why I do it in the first place. Instead it is about giving back to a community that has given freely to me... -E
Current thread:
- Symantec Buys SecurityFocus, among others. Ed Moyle (Jul 19)