Scientists Banned from Revealing Details of Car-Security Hack
The UK has banned researchers from revealing details of security vulnerabilities in car locks. In 2008, Phillips brought a similar suit against researchers who broke the Mifare chip. That time, they lost. This time, Volkswagen sued and won.
This is bad news for security researchers. (Remember back in 2001 when security researcher Ed Felten sued the RIAA in the US to be able to publish his research results?) We’re not going to improve security unless we’re allowed to publish our results. And we can’t start suppressing scientific results, just because a big corporation doesn’t like what it does to their reputation.
EDITED TO ADD (8/14): Here’s the ruling.
Joe • August 1, 2013 7:12 AM
There’s two types of security: one is the type that strives to be hypocritical just to flaunt it, and the other strives to provide security. The former is basic tyranny and extremely common. This ruling is an example of the former.
What is the oh so difficult math here?
The internet is anonymous. The NSA with all their great surveillance powers can’t make it otherwise. When some woman gets beat up in China by the cops, and someone videotapes this with their phone, they can put that online for the world to see and condemn.
People have been reversing locks since locks have been around. They can just as well post that information for the world to see, sell it on the underground, or use it without having to solicit the opinions of tyrants.
And this, they will do.
It is, after all, very expensive for Volkswagon to actually have to order all those faulty lock systems fixed.
Trying to cover up seems a much better idea to that sort of person.