Fwd: SPAM: Important Legislative Alert
Tue, 30 Jun 1998 08:05:41 -0400
This is a multi-part message in MIME format.
Content-Type: text/plain; charset=us-ascii
The following was posted to the Samba (SMB protocol) newsgroup, and
may be relevant to the security-related lists as well...
David Collier-Brown, | Always do right. This will gratify some people
185 Ellerslie Ave., | and astonish the rest. -- Mark Twain
Willowdale, Ontario | firstname.lastname@example.org, canada.sun.com
M2N 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb
From: Luke Kenneth Casson Leighton <email@example.com>
Subject: SPAM: Important Legislative Alert (fwd)
Date: Wed, 24 Jun 1998 18:06:41 +0000
X-Trace: news.demon.co.uk 898711025 nnrp-08:5675 NO-IDENT pc33.cb1.com:184.108.40.206
To: Samba Mailing List <firstname.lastname@example.org>,
Samba NT Domains Mailing List <email@example.com>,
Content-Type: TEXT/PLAIN; charset=US-ASCII
this has serious ramifications for the "nt domains for unix" project.
---------- Forwarded message ----------
Date: Tue, 23 Jun 1998 13:25:57 -0500
From: Simple Nomad <thegnome@NMRC.ORG>
Subject: SPAM: Important Legislative Alert
June 23rd, 1998 - The World Intellectual Property Organization treaty has
already passed the US Senate and is close to passing in the House. The
treaty would make it illegal, with extremely stiff penalties, to break
security schemes without the permission of the company that makes the
Programs like Pandora would be made illegal. People could not publish
vulnerabilities in products and encryption schemes, as done by NMRC in the
Hack FAQs. We would go back to the days of security vulnerabilities only
circulating in the underground as mailing lists like Bugtraq, NTBugtraq,
and Netware Hack are made illegal.
Even products such as Net Nanny and CyberPatrol, which "bypass technology"
by reverse engineering how various products work would become illegal.
Technically you could not refuse a cookie from a web site, so web sites
would be allowed to write files directly to your hard drive and you
couldn't do a damn thing about it.
This is plain and simple security through obscurity. Intellectual property
owners are using the legal system to protect their products instead of the
tried and true method of open systems and public review.
How will we know if anything is secure if all the "white papers" and
reports on a system's security are paid for by the manufacturers only?
Unbiased, "Consumer Reports-like" groups will be outlawed. Say goodbye to
NMRC, L0pht, Counterpane, and any consulting firm that does security
assessment of commercial software.
In addition, you will not be able to "quote" information from the Internet
without written permission. For example, I lifted the bulk of this text
from www.l0pht.com and re-edited it -- and under this proposed
legislation this would be illegal without getting written permission.
Reporters would be unable to "lift" quotes, students would be unable to
"lift" research material, and you would be unable to "lift" security info
for detailed reports without gaining the author's permission. This is NOT
the way the print media operates -- this could impact everyone you know.
Imagine pulling CD-ROMs from libraries and computers from elementary
schools. H.R. 2281 passes and you have started down this path running.
The Nomad Mobile Research Centre is vehemently opposed to this proposed
treaty. It has serious freedom of speech implications. It also gives
companies a license to produce shoddy, inadequate systems without fear of
exposure. Call your House Representative today and voice your concerns.
Simple Nomad .oOo. Data warrior, knowledge hunter/gatherer
www.nmrc.org .oOo. firstname.lastname@example.org