«There’s a saying that no good deed goes unpunished. The person who said this should have been a security researcher. Instead of welcoming vulnerability reports, companies routinely threaten good-faith security researchers with civil action, or even criminal prosecution. Companies use the courts to silence researchers who have embarrassing things to say about their products, or who uncover too many of those products’ internal details. These attempts are all too often successful, in part because very few security researchers can afford a prolonged legal battle with well-funded corporate legal team.»
Read more: A Few Thoughts on Cryptographic Engineering: Statement on DMCA lawsuit
The image in the header is “Computer Security – Padlock” by Blue Coat Photos released under CC-BY-SA 2.0 on Flickr.