"For years, EFF has been warning that the anti-circumvention
provisions of the Digital Millennium Copyright Act can be used to
chill speech, particularly security research, because legitimate
researchers will be afraid to publish their results lest they be
accused of circumventing a technological protection measure. We've
also been concerned that the Computer Fraud and Abuse Act could be
abused to try to make alleged contract violations into crimes.
"We've never been sorrier to be right. These two things are
precisely what's happening in Sony v. Hotz. If you have missed this
one, Sony has sued several security researchers for publishing
information about security holes in Sony's PlayStation 3. At first
glance, it's hard to see why Sony is bothering — after all,
the research was presented three weeks ago at the Chaos
Communication Congress and promptly circulated around the world.
The security flaws discovered by the researchers allow users to run
Linux on their machines again — something Sony used to
support but recently started trying to prevent. Paying lawyers to
try to put the cat back in the bag is just throwing good money
after bad. And even if they won — we'll save the legal
analysis for another post — the defendants seem unlikely to
be able to pay significant damages. So what's the point?"