Status of Cryptography Research in implementation of the EUCD

[Ian Miller]

At 19:30 +0100 15/8/02, Owen Lewis wrote:
>> The problem with concentration on the rights of owner of the protection
>> scheme is that it is allows companies to market technically worthless
>> protection schemes with extravagant claims and gives them the means to
>> suppress all public criticism of those schemes.  In such an environment
>> there is comparatively little point in investing money in developing the
>> technology, rather than paying lawyers to silence your critics.
>
>1. Markets are largely self balancing.
Only where the participants in the market have the information to make
rational choices.  Where the law allows someone to suppress the truth they
don't 'balance' at all.

>2. If the law is a bad tool to redress market balance, vigilantism is surely
>worse.
In this case, the law isn't redressing market balance, it is creating
market inbalance.

Vigilantism (in the form of hackers exchanging information about weaknesses
in private) is going to happen anyway.  The question is whether the public
relying on the security products will have access to same information.
Responsible researchers telling the supplier first and then, after a
suitable delay, going public are doing a public service.  They should be
encouraged, not out-lawed.

Ian

--
Singularis Ltd, 32 Stockwell St, Cambridge, CB1 3ND
Tel:  +44 1223 525088	            Mobile: +44 777 5536663
Fax:  +44 870 0514333	 (e-mail preferred to Fax)