??? 02/16/08 23:37
#150943 - If you really want to do that
Responding to: ???'s previous message
Jan Waclawek said:
Richard Erlacher said:
I've had pretty good success with "security through obscurity," using such methods as inserting a flatpack between the inner layers of an 8-layer board.

Actually, this is "security through surprise". You are not announcing, "my product is secure and I won't tell you why I say so". The chipmakers do.

I agree, they should not be allowed to make such claims unless they're willing to indemnify the statement with, say, a $1E15 award to anyone who can defeat their "security" and a $1E24 payment to anyone who sustains any loss on account of reliance upon it.

Richard Erlacher said:
I think you can see where I sit on this matter.

Yes, certainly. Actually, it matters in 99.9% of discussions on this (and other) Forum... ;-)

??? to what does that "it" refer?

Richard Erlacher said:
I agree with you, in that I would allow and even encourage such discussion, but wouldn't encourage it in a public forum, as the probability of doing good is small, while the risk of doing harm is large.

What risks and harms are you talking about, exactly? What risk is in reproducing what others have already published on the Internet? What is the risk of concentrating this knowledge? Those who are determined enough to break into somebody's house will do that regardless of whether there is a lockpicking "manual" or not. They will find ways to learn lockpicking. On the other hand, the existence of the "manual" will at least teach the public about the true risks of relying on easily pickable locks...

JW

There's no risk in referring to an already published item on the www, so long as it's a link and not a paraphrase. The courts here in the U.S. have already established that selling guns to known criminals is not, in itself, a crime, despite the fact that it's against the law to sell to known felons, the difference being that the criminals who aren't yet known felons simply haven't been convicted yet. The sad fact that there are many who'd like to break into our houses for various reasons does not suggest in any way that we, in this forum, should help them, despite the fact that there are lock picking manuals and the like already published on the www, e.g. on YouTube.

If I want your code, I'll ask you for it. If, for any reason, you think I shouldn't have it, I'll just have to do without. I certainly wouldn't buy your product and then attempt to copy it.

I've been doing this reverse-engineering thing for many years. Back in the early '80s, my partner and I used to go to conventions and look at various products. We'd look at someone's board, and then my partner and I would sit down with a coffee and draw schematics of what we thought it was on a napkin.
On those occasions where we learned something, it generally was that one could use this component instead of that, or this technique instead of that one. Not once did we replicate someone's circuitry, though we did easily learn how to improve on it. Not once did I have to "crack" a PAL, or a "secure" PROM. It can all be done from behavioral observation.

I've never made a dime selling someone else's technology, though I have, at times, learned from it. I've believed that, by the time I can produce a copy, the original circuitry has been vastly improved upon by those who bothered to learn how it works rather than blindly copying it.

Maybe you believe in copying from your neighbor's test paper in examinations, or from his homework in school. I did that once, when I was about 10 years old, and haven't done it since, since it taught me not to rely on the other guy. I think we should help people use their imaginations to be creative rather than helping them to steal in order to replicate what's already been done.

As for the manufacturers' claims of "security" ... that's an area where full disclosure is indicated. If there's a way ... any way at all, of defeating advertised "security" that's understood to work reliably, it should be disclosed to everyone. If the manufacturer still insists his product is totally secure, it should be trumpeted far and wide that it's not, ... "and here's how we prove it!" That position, IMHO, should be taken whenever a manufacturer claims anything that can be proven false, and the conditions under which it is false be published as well.

Encouraging people to attack protected devices for the purpose of gaining unwelcome access to them, however, is not what I think should be encouraged in this forum. If you haven't anything more productive to do with your talents, then go ahead. It's not yet illegal.

RE