EFF asks court to block US from prosecuting security researcher
This has been a controversy for quite some time. Companies don't like their flaws exposed, and for the most part researchers have honored this, at least to a reasonable degree. Generally, a period of time is given for the company in question to fix the problem, but if it fails then the issue is made public, somewhat akin to branding the company with a scarlet A.
Now, one researcher is working on a book that will point out common system flaws and how to either fix them or avoid them to begin with.
Matthew Green is working on a book tentatively titled Practical Cryptographic Engineering. According to the Electronic Frontier Foundation, it's about "methods of security research to recognize vulnerabilities in computer systems". The work requires getting directly into copyrighted code within a given device. And that violates section 1201 of the DMCA.
Now the EFF is asking a court to block the US from prosecuting Green. "Under Section 1201, computer researchers can face serious penalties just for selling a book that would help people build better, more secure computer systems", says EFF Legal Director Corynne McSherry. "As we explained when we filed a legal challenge to the law in July, such penalties violate the First Amendment and threaten ordinary people for publishing research or even talking about circumventing computer code that’s embedded in nearly everything we own. With the lawsuit underway, we’re asking the court to bar the government from prosecuting Dr. Green so he can publish a book that’s clearly in the public interest".
The EFF filed its request to the court on Thursday.