I'm curious as to why you are subscribed to Full-disclosure when you
are obviously a lawyer Alan...
Copyright means the right to publish a work in its entirety.
As long as
they aren't republishing the whole code when they find a
vulnerability,
it's protected under fair use. What is illegal to republish isn't
illegal to acquire. If one acquires the Cisco code outside of a
licensing arrangement, they surely didn't agree to their additional
restrictions preventing audit or duplication.
Let's forget the copyright argument for a second here. Cisco's text of
their code is their property. It was stored in a (up until now) secure
location and was only available to Cisco employees and those that Cisco
allowed to have access. The code has been stolen in some manner. Now
that this code is stolen, anyone who has a copy of that code is a
suspected thief until such time as they show that they did not steal it,
or that they are not an accomplice or have not received stolen property.
Holders of the code must (if necessary) show that they are holding the
code legitimately.
Copyright has three parts of stuff all to do with stealing property and
does *not* apply here (not where I come from at least).
Yes, the DMCA changes things slightly, but it doesn't change
it in this
regard. No 'protections' were circumvented if they merely got it from
somebody else. Cisco will have to go after the original culprit.
That's called Receiving Stolen Property.
I for one will not allow right-wing bigots to redefine
copyright to mean
something it never intended. The law is not broken in this case, even
though you think it is morally wrong. Get over it.
Ooooh, a flame. You shouldn't try to redefine where copyright applies
either Alan. BTW, that soapbox is mighty high. Be careful you don't fall
after making personal attacks like that.
Brad
