The story, also picked up by the Guardian here, is rather interesting. In a few words: a student at Darwin College at the University of Cambridge has published, on his personal website, an MPhil thesis about how to construct a device that demonstrates a flaw in the credit card system, one that makes it possible to carry out a transaction with a stolen card using any PIN.
The bankers have asked for this information to be taken down. Now think about it for a moment. Instead of fixing it, they asked to take it down.
I can foresee your objection: the banks should be given time to act before the flaw is disclosed. They actually were, because the problem was reported in 2009 (yes, last year), as stated in this letter.
In the letter they also explain why they will not take it down:
you seem to think that we might censor a student’s thesis, which is lawful and already in the public domain, simply because a powerful interest finds it inconvenient. This shows a deep misconception of what universities are and how we work. Cambridge is the University of Erasmus, of Newton, and of Darwin; censoring writings that offend the powerful is offensive to our deepest values.
This is the right way to go: full disclosure. Fix the problem, don’t hide it. It was also the position expressed at the Moka Olografix (an Italian camp about security which I went to ages ago).
Hat tip to Ross Anderson and Omar Choudary.