[free-sklyarov] Re: Arrest of Dimitri Sklyarov

Andrew Lawrence ausage at ausage.com
Wed Jul 25 00:15:18 PDT 2001


On July 24, 2001 02:32 pm, you wrote:
> Dear Mr. Lawrence:
> ...
> In response to those who attempt to justify circumventing, or trafficking
> in devices that circumvent, encryption and other technological measures
> that protect copyright in the digital environment, AAP urges them to
> carefully consider how their arguments would apply to precisely the same
> activities in connection with encryption and other technological measures
> used to protect privacy in that same environment.

I am writing this additional response at your question connects to the core 
of my business, Smoke & Mirrors.

We develop commercial, database e-commerce web sites for medium to large 
companies.  Some of these web sites collect credit card information and other 
private data from the users of the web site. Others contain large, 
proprietary databases where access is provided an a subscription or pay as 
you go basis. Obviously security is a major concern.

To responsibly secure these sites the free exchange of information is very 
important. The majority of the security vulnerabilities of systems using the 
internet are not discovered by teenagers poking their noses into places they 
shouldn't go, but by skilled individuals using their experience and 
imagination to try and perfect a better product.

As a result of the paper published my Mr. Sklyarov I now the exact strengths 
and weakness of Abdobe's current protection systems.  As professional 
programmer, I am sad to say that I would be guilty of serious profession 
misconduct and negligence if I were to use any of them to protect the data on 
any of my clients web sites.  In fact, in Canada such negligence in the 
protection of private personal data could be considered criminal under our 
laws where organizations have a legal responsability to protect the 
information they collect.

The point is... If no one ever tries to pick the lock, how will I know if it 
is any good. I have studied the algorithms and read the reports on the 
various security protocols I use to protect my customers systems. I have a 
whole suite of "hackers tools" I use to test the effectiveness of those 
protocols. Without free and open communication I cannot do my job, but by 
doing my job I may be prosecuted under the DMCA.

Sincerely,

-- 
Andrew Lawrence         <ausage at smoke-and-mirrors.net>
Smoke & Mirrors         http://www.smoke-and-mirrors.net
134A Leslie Street, Toronto, Ont CANADA M4M 3C7
Tel: +1 416 461 8708	Fax: +1 416 461 1758




More information about the Free-sklyarov mailing list