[Moderator: This is from the opening page on the l0pht web
page right now. The page links to more information
so please visit those links as well.
I don't think I have to go into it on the serious
nature of these issues and how it will affect security
companies.]
(http://www.l0pht.com) New WIPO treaty threatens the legality of
legitimate hacking
06.22.1998
The World Intellectual Property Organization treaty has already passed the
US Senate and is close to passing in the House. The treaty would make it
illegal, with extremely stiff penalties, to break security schemes without
the permission of the company that makes the product.
Programs like l0phtcrack would be made illegal. People could not publish
vulnerabilities in products and encryption schemes. We would go back to
the days of security vulnerabilities only circulating in the underground
as lists like Bugtraq are made illegal.
This is plain and simple security through obscurity. Intellectual
property owners are using the legal system to protect their products
instead of the tried and true method of open systems and public review.
How will we know if anything is secure if all the "white papers" and
reports on a system's security are paid for by the manufacturers only?
Unbiased, "Consumer Reports-like" groups will be outlawed.
L0pht is vehemently opposed to this proposed treaty. It has serious
freedom of speech implications. It also gives companies a license to
produce shoddy, inadequate systems without fear of exposure.
Read more about this treaty:
Treaty could stymie ethical security tests, PC Week
Visit EFF and find out how you can fight this.
Detailed info on the treaty with commentary.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Mon Jun 29 10:25:56 1998