[free-sklyarov] Re: Arrest of Dimitri Sklyarov
Andrew Lawrence
ausage at ausage.com
Wed Jul 25 00:15:18 PDT 2001
On July 24, 2001 02:32 pm, you wrote:
> Dear Mr. Lawrence:
> ...
> In response to those who attempt to justify circumventing, or trafficking
> in devices that circumvent, encryption and other technological measures
> that protect copyright in the digital environment, AAP urges them to
> carefully consider how their arguments would apply to precisely the same
> activities in connection with encryption and other technological measures
> used to protect privacy in that same environment.
I am writing this additional response at your question connects to the core
of my business, Smoke & Mirrors.
We develop commercial, database e-commerce web sites for medium to large
companies. Some of these web sites collect credit card information and other
private data from the users of the web site. Others contain large,
proprietary databases where access is provided an a subscription or pay as
you go basis. Obviously security is a major concern.
To responsibly secure these sites the free exchange of information is very
important. The majority of the security vulnerabilities of systems using the
internet are not discovered by teenagers poking their noses into places they
shouldn't go, but by skilled individuals using their experience and
imagination to try and perfect a better product.
As a result of the paper published my Mr. Sklyarov I now the exact strengths
and weakness of Abdobe's current protection systems. As professional
programmer, I am sad to say that I would be guilty of serious profession
misconduct and negligence if I were to use any of them to protect the data on
any of my clients web sites. In fact, in Canada such negligence in the
protection of private personal data could be considered criminal under our
laws where organizations have a legal responsability to protect the
information they collect.
The point is... If no one ever tries to pick the lock, how will I know if it
is any good. I have studied the algorithms and read the reports on the
various security protocols I use to protect my customers systems. I have a
whole suite of "hackers tools" I use to test the effectiveness of those
protocols. Without free and open communication I cannot do my job, but by
doing my job I may be prosecuted under the DMCA.
Sincerely,
--
Andrew Lawrence <ausage at smoke-and-mirrors.net>
Smoke & Mirrors http://www.smoke-and-mirrors.net
134A Leslie Street, Toronto, Ont CANADA M4M 3C7
Tel: +1 416 461 8708 Fax: +1 416 461 1758
More information about the Free-sklyarov
mailing list