Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Keep Security Censorship Away From Linux
Jon Lasser, 2001-11-07

Opponents of vulnerability disclosure may have a surprise ally in Linux's second-in-command

Comments Mode:
Keep Security Censorship Away From Linux 2001-11-07
Corey Snow (corey@snowpoint.com)
Interesting article. I have to say that while I agree with most of what you said here, in light of what happened to Skylarov, I can't blame anyone for wanting to be cautious. This is essentially the first major repercussion of the passing of such short-sighted legislation as the DMCA. There's going ...

[ more ]  [ reply ]
If the Emporer IS wearing no cloths... (Freedom of Press vs DMCA)! 2001-11-07
FreePressAdvocate
Q: Do you think that the US Supreme Court (or any sensible US court) would rule in favor of resticting the US Constitution's "Freedom of the Press" rights, in favor of the Digital Millennium Copyright Act? Does the power of the DMCA superceed the Constitution?

Yes - It has been often told that t...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-07
igaware@lineone.net
It seems a bit of a pointless article. Anybody can look at any of the patch diff files and see exacly what has been changed. Changelogs are just an added summary and are highly unreliable. Remember Linux has source code and diff's. So exacly what is your point? Censorship - ehh, ugh?
Try again mat...

[ more ]  [ reply ]
Cox is crazy to get a job in the M$ 2001-11-07
Anonymous
This is a bad, bad, bad news.

...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-08
Anonymous
It seems obvious that if company want to use the DMCA to their advantage that it the feds will certainly back them in one way or another. I wonder how security censorship will impact our future. I can easily imagine an era where we run products that the have hidden "features" that allow the blackh...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-08
Alan
What Jon fails to point out is that the full security details are available, in those countries where it is safe to do so. ...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-09
Anonymous
Well said.
...

[ more ]  [ reply ]
DMCA No, Patriot Act Maybe 2001-11-10
trowe
While I haven't seen anything in the DMCA that would lead me to believe Alan Cox would be liable, I wonder about the Patriot Act which, at last reading anyway, made liable people who reveal information about cracking a system. Would he be liable for prosecution in the US for revealing holes in his o...

[ more ]  [ reply ]
Is The Cure Worse Than The Disease? 2001-11-11
Anonymous
Fact 1: The constitutionality of DMCA will not be decided by technical people. It will be decided by non-technical judges who will associate root exploit with root canal.

Fact 2: Alan's trying to point out the absuridity of the law is also giving amunition to the Microsoft side.

...

[ more ]  [ reply ]
Stupid americans and their stupid laws 2001-11-11
Anonymous (1 replies)
America have laws that defy their own definition of freedom. Yet those same laws don't seem to apply to people or companies that have a lot of money....

[ more ]  [ reply ]
Stupid americans and their stupid laws 2002-02-26
Anonymous
No kidding! That is why it is the duty of all Americans to ignore or purposefully disobey them. It's practically a national sport (prohibition, etc.) Remember, just because it is against the law does not mean that it is morally wrong, just as not everything legal is morally right. Part of our nation...

[ more ]  [ reply ]
You can still download it elsewhere 2001-11-11
CentrX
If you do not live in the United States, you can download the changelog from http://www.thefreeworld.net/non-US/ Interestingly, as this site is protected by the DMCA, if you do live in the United States but truly believe that the DMCA is not going to be enforced, you can circumvent the access protec...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-11
Markus
You miss the point that the changes
are available in the free world.

the world consists of more than the US....

[ more ]  [ reply ]
Hmmm... 2001-11-11
Anonymous
Looks like it's time for everyone to switch to OpenBSD...
It's made in Canada....

[ more ]  [ reply ]
Good Job Alan. Sucked in USA! 2001-11-11
Anonymous
I fully support Alan on this one. If the US thinks is can send a few coyboys outside their borders, kidnap however they want, hold them indefinitely without trial for being a 'suspected' terrorist, (or in this case hold them for an incredible length of time for being an intelligent programmer), then...

[ more ]  [ reply ]
In the long term this will have negative effects... 2001-11-11
kapone
While many people are slamming Cox's actions and opinions (as well as many others taking a similar stance), lots of people are missing (what I believe to be) one of the main reasons for full disclosure, education.

I myself agree with software authors and vendors being given a 'grace' period befor...

[ more ]  [ reply ]
is alan not violating the license of the software? 2001-11-11
daniel
I realize he is indeed posting the fixed code, and just
limiting the documentation, but does that not violate
the principle behind GNU and all that jazz?

daniel...

[ more ]  [ reply ]
So what? 2001-11-12
Anonymous
I really don't understand why people think this is such a big deal. If the USA want to have the DMCA then that's up to them.

Linux will still continue and the rest of the world will still have all the information about security as per normal.
Basically it comes down to:
America: We don't want t...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-12
Anonymous
I use FreeBSD. I'm not familiar with the Linux development process but why the heck don't you guys just do a CVS diff between versions to find out what's changed!?!?!?!?
...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-12
MdW(Pur1ty)
It is obvious to say that open disdussion about weaknesses in the kernel should not be withheld from the general public, and most of all not to people in the security bussines.


Further more:


This implies that we should not chose the Microsoft way of supplying information about the produc...

[ more ]  [ reply ]
Our return to BBS? 2001-11-12
Anonymous
Well...

on my country they didn't even ceased to exist.

Is wrong to have "freedom through obscurity"? ;)...

[ more ]  [ reply ]
Utter BS 2001-11-13
gnaw
Sorry guys, but this just friggin, utter BS.

I can only say this:

With Cox' self-censoring move, he gave way to the DMCA and other idiocy-plagued conglomerates of sick minds, who only want to play a part in the vast world of the 'net by sueing the hell out of other ppl and companies.

What d...

[ more ]  [ reply ]
Vendors SHOULD post EXPLOITS for thier daemons on web pages 2001-11-14
RADI_to_JA
It's crucial to post security-related info, and even go further - post all the exploits with a detailed description how to use them! But only after closing the hole and informing everybody....

[ more ]  [ reply ]
This is Dangerous and not Glasnost and Perestroika ! 2001-11-16
togo
What it potentially does is - by 'silencing' the constant 'litte' probing of the border for a potential to build up (without having been approached by a full width of open source developers) that could break the Machines in a much bigger way. Besides Possibly dishonest forces could without full doc...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-17
Anonymous
If Alan chooses to release less information regarding the security holes and patches made to the Kernel it really is no huge deal. Is the kernel itself is opensource? No?

Hence it could be evaluated against the previous version of the Kernel, thus displaying any and all code changes made. These...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-20
Anonymous
It would work nicely in other industries as well.
Imagine boeing and some engineers working on fixing an engine flaw for 6 months without notifying airlines that owns that model of the planes.

Like previously mentioned, the exploit code isn't the problem, it is just as much users not patching.
...

[ more ]  [ reply ]
Respect to MS - Alan Cox under politics (-) 2001-11-20
Anonymous
…...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-20
Nighthawk
"Cox's decision to delete security-related material from the Linux kernel changelog seems almost to honor Culp's request that we suppress information useful to attackers."

Ummm where did you get this idea from?

Perhaps out of Tim Mullen's fantasy notes?

...

[ more ]  [ reply ]
It is just the beginning.... 2001-11-22
Francisco Figueiredo (1 replies)
DMCA, Echelon, Carnivore, Patriot Act....Yes, Big Brother is coming!!No, it isn't some lunatic dictator, it has many names: Microsoft, Warner, ATT, GE, etc...They need no more to use the CIA to support some Pinochet guy...Now they have LAWYERS (God, keep them away from me!!!). And now they don't wan...

[ more ]  [ reply ]
It is just the beginning.... 2001-11-23
Anonymous
The USA is looking like a dangerous place to me, because I'm not a blonde headed blue eyed football star turned fbi.

If you post any discussion that violates the dmca or that could aid a 'cyberterrorist', even in a non-USA forum, but it travels through a USA network, you could be held liable??? ...

[ more ]  [ reply ]
Keep Security Censorship Away From Linux 2001-11-26
tom__b_
You don't mention anywhere in your article that Alan DID release the full log on NON-US servers. Get the difference? Report the whole deal or nothin' instead of half truths....

[ more ]  [ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus