
[IP] The second sincerest form of flattery



------ Forwarded Message
From: Matt Blaze <mab@xxxxxxxxxx>
Date: Wed, 19 Jan 2005 20:53:58 -0500
To: David Farber <dave@xxxxxxxxxx>
Subject: The second sincerest form of flattery

One of my research interests is applying the principles of
"human-scale" security (such as mechanical locks and alarm systems) to
computer science.  Although human-scale systems are almost always
imperfect, their failure mechanisms are often much more gradual and
more predictable than their information systems counterparts, and I
believe that by better understanding why this is we might be able to
build computer systems that behave in similar ways.

Several particularly interesting illustrations of the phenomenon of
gradual and predictable security failure can be found in safes and
vaults.  I'm working on a survey paper, tentatively entitled
"Safecracking for the computer scientist," that I hope will stimulate
other researchers to think along similar lines.  Last month I finished
a first draft and put it on my web site.  (For those who've not seen
it, it's at http://www.crypto.com/papers/safelocks.pdf )

Although the paper is only of rather narrow interest, a couple of
weeks ago the wildly popular "Slashdot" news site discovered and
linked to the draft; somewhere around 50,000 people downloaded the
(large) pdf file that weekend.

My web server survived Slashdot's attention, but I was somewhat taken
aback by what happened next.

A couple of years ago I wrote a paper about weaknesses in the
keyspaces of master-keyed mechanical locks (it marked the beginning of
my understanding of the similarities between information and physical
security).  Some locksmiths were outraged that I would publish a paper
"revealing" security vulnerabilities in what they believed to be a
closed field.  See http://www.crypto.com/papers/kiss.html for details,
but to make a long story short, some locksmiths do not approve of
disclosing vulnerabilities in locks to the "general public," on the
grounds that open discussion aids the bad guys more than it helps the
good guys.  (I don't agree -- and the scientific method's requirement
for open scrutiny and debate does not provide an exemption when the
subject involves security -- but that's another story for another
time.)

Perhaps predictably, there has been a similar reaction to my recent
draft on safe locks.  Shortly after Slashdot linked to the paper, one
or more locksmithing trade groups discovered it as well.  The
response of some locksmiths to the draft has been at least as negative
as it was to my master keying paper.  I've received quite a bit of
uncomplimentary email from locksmiths, and I'm told that locksmithing
message boards have recently been abuzz with messages about what a
scoundrel I must be to again have written such an "unethical" and
"irresponsible" paper.

Ironically, the theme of my safecracking survey is that while safes
aren't perfect, they largely meet their requirements, and indeed,
computer security would do well to emulate their security principles.
Nothing in my paper (and indeed, no techniques of which I'm aware)
allows one to quickly open decent quality safes.  The paper's
conclusion is that even if one is fluent in the (not very) secrets of
the safecracking trade, the measurable security of even relatively
modest safes allows them to be used quite effectively for their
intended applications (especially as part of larger security systems
that complement the safes' limitations).  I certainly don't think it
would have been unethical to have published an analysis that reached a
different conclusion, of course, but my paper as written could hardly
be considered an attack against the safe industry or its products.

As with the reaction to my master keying paper, many of the complaints
I've received are self-contradictory and emotionally charged, often
invoking "homeland security" in unspecified but ominous ways.  I've
developed a thick skin against this sort of thing, and I try not to
take it personally (although it's a bit disturbing to have so many
people so angry with me over my work).  It's rather like being accused
of witchcraft; many of the complainers don't seem to be seeking a
reasoned debate but are instead venting a broader range of unspoken
frustrations that go well beyond either me or my papers.  There is
simply no effective way to debate on these terms against an angry mob.

In any case, some locksmiths are apparently trying to organize a
letter writing campaign aimed at various officials at my university,
and I'm told that my department chair, my dean, the provost, and the
head of campus security have each received (a handful of) letters
complaining about me.  While Penn's support for the basic principles
of academic freedom would protect me even if these officials agreed
that my paper was somehow inappropriate, some of the letter writers
seem to have unwittingly stumbled upon a weapon that could potentially
be very effective (in other contexts) at silencing Internet-based
debate.  They have accused me of copyright infringement.

My paper is heavily illustrated with photographs of safe locks and
their components.  Several letters have (accurately) pointed out that
these photographs are protected by copyright and that by distributing
my paper I'm also distributing copyrighted material.  This, I must
admit, is entirely correct.  But I created every one of the images
myself, in my own studio, and with my own materials, cameras and
computers.  I arranged the subjects, lit them, and photographed them.
The results are copyrighted, to be sure, but I hold the copyrights.

Fortunately, my university is not in the habit of removing the online
papers of its faculty without checking with us first, and my paper has
remained on my web site unmolested by these spurious copyright claims.
But it occurs to me that, given the relevant provisions of the DMCA, a
more timid ISP might have reacted quite differently, choosing instead
to take down the controversial content until I could prove (or at
least assert) that I have the rights to the images in question.  This
could take days or even weeks, depending on the level of proof
demanded.  Such a tactic could be a very effective way to harass or
suppress authors of controversial material, and, if done with the sort
of vague wording used in the letters about me, would appear to leave
the author with no recourse against anybody.  The letter writers
didn't actually claim copyright, but simply raised the issue. An
ISP (had it over-reacted) could plausibly claim that they were
simply protecting their interests in quickly taking the questionable
material offline.

I suspect that, in my case, the organizers of the letter-writing
campaign were not dishonestly attempting to exploit the DMCA, but
instead genuinely assumed that I had copied my images from some
commercial source.  A friend suggested that I should take this as a
compliment; after all, if imitation is the sincerest form of flattery,
perhaps being accused of copyright infringement is the second
sincerest.

Matt Blaze
19 January 2004


------ End of Forwarded Message

