CipherCloud Invokes DMCA To Block Discussions of Its Crypto System 85
New submitter brennz writes "Cryptographers on StackExchange were discussing CipherCloud, using some promotional material from the same to provide detail. CipherCloud responded with a DMCA takedown request that some have characterized as abusive."
...characterized as abusive... (Score:5, Insightful)
There is no other way to characterize the DMCA.. It was no accident.
Streisand effect, anyone? (Score:5, Insightful)
Re:back up again (Score:5, Insightful)
There needs to be heavy punitive measures against this sort of thing.
Security credibility DEPENDS on peer review (Score:5, Insightful)
The question whether something promoted as "secure" actually is depends highly on exactly this: Someone coming and trying to break it. It's not like any other software product you use, where you, the user, can easily tell whether it does its job or not. You use some word processing software, you can instantly check whether it does what YOU want it to do (even if it happens to fail in some other department, you'll easily be able to tell whether it does what YOU want). You use some game, you can easily tell whether it gives you what you wanted in it.
Security software ... not quite. Whether it delivers what it promises isn't something you can check as the average user. Because, as the average user, you don't "use" it. Even as the person responsible for security in a company, you hardly have the time nor necessarily the knowledge to test it thoroughly. And before someone pipes in with "but if you can't break through bad security, you fail at your job", be aware that the job description for CISO hardly includes doing pen tests. If anything, you order them from companies who have the time and money to keep current with security issues.
So the question whether a product is good or snake oil highly depends on peer review, on people going out and hammering it. If you now go out of your way to keep people from just doing that, well, how should I judge such a move? This is much like a scientist publishing a breakthrough in anti-gravity, while at the same time forbidding everyone to attempt to reproduce his results.
That's about as much credibility is left after such a move.
Probably not secure then. (Score:5, Insightful)
Look elsewhere--the only thing that should be obscure about a crypto system is the key.
Re:back up again (Score:5, Insightful)
Well, now everyone knows beyond a shadow of a doubt that "CipherCloud" is insecure, or else they wouldn't have tried to suppress the conversation. Since their whole business is as a security provider...
Re:Security credibility DEPENDS on peer review (Score:5, Insightful)
Re:...characterized as abusive... (Score:3, Insightful)
That would imply reading the article. But at least now I can understand the nature of the takedown.
Why, it looks like young men playing leapfrog.
Re:Security credibility DEPENDS on peer review (Score:3, Insightful)
I know. But I don't have to add to bad software. And as self-taught freelancer I have to be a little bit more aware of my reputation. Taking cryptographic related task would be a lose/lose situation for everyone.
Re:Copyright in Universal Declaration of Human Rig (Score:4, Insightful)
"Fuck that, Copyright laws are important. If I make a software, I WANT all the users to pay me for my creation."
Copyright laws may be important, but they also need to be reasonable, and they also have to allow for "fair use". Anything else is a genuine crime against society.
A single screen cap out of a video, as part of a discussion about the product, is CLEARLY fair use, by U.S. law.
The problem here isn't the concept of copyright law. The problem here is greedy corporations and abusive laws like the DMCA.