Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Encryption Your Rights Online

CipherCloud Invokes DMCA To Block Discussions of Its Crypto System 85

New submitter brennz writes "Cryptographers on StackExchange were discussing CipherCloud, using some promotional material from the same to provide detail. CipherCloud responded with a DMCA takedown request that some have characterized as abusive."
This discussion has been archived. No new comments can be posted.

CipherCloud Invokes DMCA To Block Discussions of Its Crypto System

Comments Filter:
  • by fustakrakich ( 1673220 ) on Sunday April 21, 2013 @02:18PM (#43510759) Journal

    There is no other way to characterize the DMCA.. It was no accident.

  • by bakuun ( 976228 ) on Sunday April 21, 2013 @02:31PM (#43510821)
    Now I know to stay well clear of anything that has to do with Ciphercloud. I certainly wouldn't have seen the Stack exchange discussion (much less the fact that Ciphercloud feels that cryptanalysis is bad for them) if they didn't do what they did, though. Thanks, Ciphercloud!
  • Re:back up again (Score:5, Insightful)

    by TemperedAlchemist ( 2045966 ) on Sunday April 21, 2013 @02:43PM (#43510895)

    There needs to be heavy punitive measures against this sort of thing.

  • by Opportunist ( 166417 ) on Sunday April 21, 2013 @02:48PM (#43510921)

    The question whether something promoted as "secure" actually is depends highly on exactly this: Someone coming and trying to break it. It's not like any other software product you use, where you, the user, can easily tell whether it does its job or not. You use some word processing software, you can instantly check whether it does what YOU want it to do (even if it happens to fail in some other department, you'll easily be able to tell whether it does what YOU want). You use some game, you can easily tell whether it gives you what you wanted in it.

    Security software ... not quite. Whether it delivers what it promises isn't something you can check as the average user. Because, as the average user, you don't "use" it. Even as the person responsible for security in a company, you hardly have the time nor necessarily the knowledge to test it thoroughly. And before someone pipes in with "but if you can't break through bad security, you fail at your job", be aware that the job description for CISO hardly includes doing pen tests. If anything, you order them from companies who have the time and money to keep current with security issues.

    So the question whether a product is good or snake oil highly depends on peer review, on people going out and hammering it. If you now go out of your way to keep people from just doing that, well, how should I judge such a move? This is much like a scientist publishing a breakthrough in anti-gravity, while at the same time forbidding everyone to attempt to reproduce his results.

    That's about as much credibility is left after such a move.

  • by Jeremy Erwin ( 2054 ) on Sunday April 21, 2013 @02:51PM (#43510963) Journal

    Look elsewhere--the only thing that should be obscure about a crypto system is the key.

  • Re:back up again (Score:5, Insightful)

    by Anonymous Coward on Sunday April 21, 2013 @03:16PM (#43511077)

    Well, now everyone knows beyond a shadow of a doubt that "CipherCloud" is insecure, or else they wouldn't have tried to suppress the conversation. Since their whole business is as a security provider...

  • by Takatata ( 2864109 ) on Sunday April 21, 2013 @03:29PM (#43511157)
    100% agreement. That's on user side. I am a freelancing software developer. The only project offers I strictly refuse are projects which involve cryptographic tasks. I just can't deliver. I am self-taught and did learning on the job in many projects. When I get the task to put a rotating green cube on the screen, I know the job is done when I see a rotating green cube on the screen. Even if I never did any 3D graphics before. Cryptographics? In a few hours I could conjure up cryptographic algorithms, which encrypt text in a way I could not decrypt myself in a 1000 years. Too bad I can never be sure that a cryptographic expert could read my encryption almost like plain text. Odds are that exactly something like that would happen.
  • by fustakrakich ( 1673220 ) on Sunday April 21, 2013 @04:00PM (#43511305) Journal

    That would imply reading the article. But at least now I can understand the nature of the takedown.

    Why, it looks like young men playing leapfrog.

  • by Takatata ( 2864109 ) on Sunday April 21, 2013 @04:04PM (#43511319)

    Allow me to let you in on a secret: A good portion of people writing "security" software don't really understand it either. [...]

    I know. But I don't have to add to bad software. And as self-taught freelancer I have to be a little bit more aware of my reputation. Taking cryptographic related task would be a lose/lose situation for everyone.

  • by Jane Q. Public ( 1010737 ) on Monday April 22, 2013 @12:42PM (#43516503)

    "Fuck that, Copyright laws are important. If I make a software, I WANT all the users to pay me for my creation."

    Copyright laws may be important, but they also need to be reasonable, and they also have to allow for "fair use". Anything else is a genuine crime against society.

    A single screen cap out of a video, as part of a discussion about the product, is CLEARLY fair use, by U.S. law.

    The problem here isn't the concept of copyright law. The problem here is greedy corporations and abusive laws like the DMCA.

I've got a bad feeling about this.