Linux Today: Linux News On Internet Time.

The Register: Linux security self-censorship ominous

Nov 08, 2001, 06:36 (3 Talkback[s])
(Other stories by Jon Lasser)
"October was a bad month for proponents of full disclosure. First, Microsoft's Scott Culp argued in an essay that security researchers shouldn't reveal the nature of security holes in software. Then Culp may have found an unexpected ally in his war against full disclosure: Linux's second-in-command, Alan Cox.

Cox's decision to delete security-related material from the Linux kernel changelog seems almost to honor Culp's request that we suppress information useful to attackers.

While at least some of the security changes made in the prerelease of the 2.2.20 Linux kernel have already been discussed elsewhere, Cox claims that describing these changes might be in violation of the same anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA) used to prosecute Russian programmer Dmitri Sklyarov, and cited by Professor Felten in initial decision not to publish a paper describing weaknesses in SDMI."

Complete Story

Related Stories: