samba - Jun 1998 - SPAM: Important Legislative Alert (fwd)

this has serious ramifications for the "nt domains for unix" project.
luke.

---------- Forwarded message ----------
Date: Tue, 23 Jun 1998 13:25:57 -0500
From: Simple Nomad <thegnome@NMRC.ORG>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: SPAM: Important Legislative Alert

June 23rd, 1998 - The World Intellectual Property Organization treaty has
already passed the US Senate and is close to passing in the House. The
treaty would make it illegal, with extremely stiff penalties, to break
security schemes without the permission of the company that makes the
product.

Programs like Pandora would be made illegal. People could not publish
vulnerabilities in products and encryption schemes, as done by NMRC in the
Hack FAQs. We would go back to the days of security vulnerabilities only
circulating in the underground as mailing lists like Bugtraq, NTBugtraq,
and Netware Hack are made illegal.

Even products such as Net Nanny and CyberPatrol, which "bypass
technology"
by reverse engineering how various products work would become illegal.
Technically you could not refuse a cookie from a web site, so web sites
would be allowed to write files directly to your hard drive and you
couldn't do a damn thing about it.

This is plain and simple security through obscurity. Intellectual property
owners are using the legal system to protect their products instead of the
tried and true method of open systems and public review.

How will we know if anything is secure if all the "white papers" and
reports on a system's security are paid for by the manufacturers only?
Unbiased, "Consumer Reports-like" groups will be outlawed. Say goodbye
to
NMRC, L0pht, Counterpane, and any consulting firm that does security
assessment of commercial software.

In addition, you will not be able to "quote" information from the
Internet
without written permission. For example, I lifted the bulk of this text
from www.l0pht.com and re-edited it -- and under this proposed
legislation this would be illegal without getting written permission.
Reporters would be unable to "lift" quotes, students would be unable
to
"lift" research material, and you would be unable to "lift"
security info
for detailed reports without gaining the author's permission. This is NOT
the way the print media operates -- this could impact everyone you know.
Imagine pulling CD-ROMs from libraries and computers from elementary
schools. H.R. 2281 passes and you have started down this path running.

The Nomad Mobile Research Centre is vehemently opposed to this proposed
treaty. It has serious freedom of speech implications. It also gives
companies a license to produce shoddy, inadequate systems without fear of
exposure. Call your House Representative today and voice your concerns.

               .o.
Simple Nomad  .oOo.  Data warrior, knowledge hunter/gatherer
www.nmrc.org  .oOo.  thegnome@nmrc.org
               .o.

On Wed, 24 Jun 1998, The Hermit Hacker wrote:
> On Thu, 25 Jun 1998, Luke Kenneth Casson Leighton wrote:
> 
> > this has serious ramifications for the "nt domains for unix"
project.
> > luke.
> > 
> > ---------- Forwarded message ----------
> > Date: Tue, 23 Jun 1998 13:25:57 -0500
> > From: Simple Nomad <thegnome@NMRC.ORG>
> > To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
> > Subject: SPAM: Important Legislative Alert
> > 
> > June 23rd, 1998 - The World Intellectual Property Organization treaty
has
> > already passed the US Senate and is close to passing in the House. The
> > treaty would make it illegal, with extremely stiff penalties, to break
> > security schemes without the permission of the company that makes the
> > product.
> 
> How would this affect products written and maintained outside of the US?
> Its a US law, but what are its international remifaications?

i imagine that a number of things may potentially occur, which means that
we are ahead of the game and can deal with them (or get this law stopped).


1) people in the u.s who want to use samba won't, because despite a
possible misunderstanding of this law and its implications, the fact that
there's anything at all going "wrong" may discourage them from
using
samba.  "dang, one of the people that wrote samba is a law-breaker: i'm
not having anything to do with it".


2) mirror sites inside the u.s may be requested to remove their copies of
samba, as it contains "illegal" code.

this is not insurmountable: a separate library, like the libdes one, could
be stored on a server which does not have this law.


3) people wishing to work on samba (e.g me) will not be able to go to the
states, for fear of being arrested if i set foot inside the u.s.  anyone
wishing to improve samba will not be able to either work from or live in
the u.s.

hm.

luke