We need security researchers!
The World Wide Web Consortium took the controversial and unusual step of standardizing DRM through something called Encrypted Media Extensions. This will become part of HTML5. Security researchers that expose flaws in HTML5 browsers can be punished by the DMCA or its international counterparts. This could lead to critical bugs being discovered in browsers that billions of users rely on, and more people exploiting them in the wild.
Some of the most respected security researchers in the world said last summer that they were prevented by the DMCA from coming forward with any flaws discovered.
EFF proposed that the W3C have DRM without having to eat its security researchers. is a brief, easy “covenant” that W3C members must sign to continue DRM work at W3C. Once they have signed, they will not be able use the DMCA and similar laws to harm security researchers.
The future’s browsers will be the interface to all automated systems. Security researchers around the world need to be aware that they won’t be able to use legal threats against companies if they reveal their errors.
Free Software Advocates protested at a W3C meeting in an effort to demand that the organization reform its DRM work. The Open Source Initiative stated it will not consider any DRM standards to be open until it signs an agreement similar to ours.
The W3C needs to hear from security researchers, whose future is in their hands.
Contact us if you are a security researcher who would like to voice your opinion. Your comments will be forwarded to Tim Berners Lee, Director of the W3C and Jeff Jaffe (CEO).
Signatories:
Bruce Schneier, USA
Alan Cox (UK), Honorary Fellow University of Wales Trinity St David
Emiliano DeCristofaro (UK, University College London)
Dr Steven J. Murdoch UK Principal Research Fellow University College London
Harry Halpin (France, INRIA)
Ian Goldberg (Canada, University of Waterloo)
Ron Deibert Canada, Canada Professor of Political Science, Director of Citizen Lab, University of Toronto
Jon Andersen, USA
Sergey Bratus (USA), Research Associate Professor Computer Science Department Dartmouth College
Joel R. Voss, USA
Paul Garrett Hugel, USA
Jacob Appelbaum (Germany, Tor Project)
Roger Dingledine USA, Tor Project
Ronald L. Rivest USA, MIT
Prof. Dr. Tanja Lange, The Netherlands, Technische Universiteit Eindhoven
Frederic Jacobs (Switzerland), Swiss Institute of Technology, EPFL
Dr Ian Brown UK, Oxford Internet Institute Professor of Information Security and Privacy University of Oxford
Philipp Winter (USA, Princeton University)
Sebastian Garcia, Czech Republic, Czech Technical University
Alex Kirk USA
Robert Erbes, USA, Assoc. Principal at IOActive
Nadim Kobeissi, France, INRIA.
Sharon Goldberg USA, Boston University
Roya Ensafi, USA, Princeton University
J. J.
Jacobo Najera, Mexico, Enjambre Digital
Seda Gurses USA, Princeton University
Dr. Daniel C. Howe Hong Kong School of Creative Media
Marco Ermini, Germany
Gary Cohn USA
Aaron Massey USA, University of Maryland Baltimore County
Greg Rose, USA
Juan Benet, USA, IPFS Project
Alex Leverington (Switzerland, Ethereum).
Anil Madhavapeddy (UK, Computer Laboratory University of Cambridge)
Ivan Arce, Argentina, Programa STIC, Fundacion Dr. Manuel Sadosky
Rikard Linde, Sweden, Director, Fores
Conno Boel (Netherlands), Software Engineering student at Avans University of Applied Sciences in Den Bosch
Paul Mundt (Germany, Adaptant Solutions AG)
Mark Seiden, USA, Internet Archive
Stephen Whitmore (USA, IPFS Project)
Paul Lindner USA
Trent McConaghy, Germany/Canada, BigchainDB/IPDB
Sandro Hawke, USA, MIT
David S. H. Rosenthal USA, LOCKSS Program
Johannes Ernst, USA, Indie Computing Corp
Milos Miljkovic USA, Tufts University
Sam Bowne (USA), Instructor Computer Networking and Information Technology City College San Francisco
John David Pressman
Aaron Zauner, Austria, Lambda: resilient.systems/SBA-Research/Consultant to EFF
Philip Wadler (UK), Professor of Theory Computer Science, School of Informatics University of Edinburgh
Feross Aboukhadijeh, USA, WebTorrent, Stanford University
Harry J. W. Percival (UK)
Ross Anderson (UK, Cambridge University)
Patrick Durusau USA
Marco Romano, USA
Thomas Sluyter (the Netherlands)
Rens Groenewegen (Netherlands, Cloud architect), CISSP
Dirk Krijgsman (The Netherlands)
Erik Duemig USA
Gaetan Leurent, France, Inria
Jeffrey Vagle USA, University of Pennsylvania Law School
Constantine A. Murenin USA, NetBSD
Jeremy Tippit USA
Randy Bush, Japan IIJ Research Lab
Kraig Behrn, USA CEO, Enguity Technology Corporation
Tony Vanquez USA Director of Regulatory Operations at L2Networks
Ben Tasker, UK
Vasily Kolobkov (Russia)
Thomas Casey Stone, United Kingdom
Nicholas Keene, USA
Grif Rosser, USA, DataCentre Security
Chris Roberts USA, Sidragon
John Brasher USA
AhwatukeeBuzz Managing Director: Theodore C Newcomb USA
Brendan O’Connor USA, Leviathan Security Group
Alan Rea (USA), Professor of Information Systems at Western Michigan University
James Vincent Ferrero USA
Sebastian Schultheiss (Germany, Computomics)
Steve Palmateer, Canada, Thalmic Labs
James Renken, Sandwich.Net, LLC
Tom Sullivan, USA, Sullivan Cybernetics, LLC
Gert Steenssens (Belgium, Software Developer & Security Researcher)
Philip Haworth (UK)
Carolyn Guertin (Canada, University of Ontario Institute of Technology
Greg Sadetsky, Canada
Stephen Kent Rose USA Lawyer, Attorney and Counselor of Law
Declan Murphy USA electrical engineer
Joby Elliott USA Web Developer, University of New Mexico
Margaret Bartley, USA, retired
Micah Sherr (USA), Provost’s distinguished associate professor, Department of Computer Science at Georgetown University
Marcelo Elizeche Lando, Paraguay, Infosec Consultant
Nathan Freitas, USA, Guardian Project/Tor Project/Berkman Klein Center
Thomas G Easton USA
Stephen J Taffee (USA), Retired IT Professional
Pedro Freire, Portugal, Senior IS Consultant
Grant Johnson USA Chairman SIMCO
Jonas A. Hulten, Sweden, computer science student
Scott Kallio, USA, EPIPHANYSOLUTIONS LLC
Thomas Asmuth, USA, Assistant Professor-Digital/New Media, Director, Bachelor of Fine Arts Program, University of West Florida
Dustin Juliano, USA
Chris Collins (Ireland, Software Engineer)
Russel Brooks USA
Tom Ritter, USA
Daniel Haaser, Germany, Computerhilfe Feucht
Matthew L Daniel USA
Germany, Elmar Lecher
Jose Antonio Ortega Ruiz, USA, CTO, BigML, Inc
Jonathan Poritz, USA
Christopher Brousseau USA
Andre Igler, Austria, Chaos Computer Club
John F. Doyle, Ph.D., USA, Indiana University SE
greg vassie, Canada
John Adams USA Head of Security Bolt Financial
K Moser USA
Jamie Powers, Esq., USA, Data Rights & Privacy Advisors
Dmitri Dalheim-Baeza, Canada
Ben Dechrai (Australia)
James Caruso USA, InfraStructure data Management International Inc.
Ben Johnston (Australia).
James L. McKee Jr.
Lou Ronnau, USA
Dr. Martin Krafft (Germany), independent security researcher, liberty activist and Debian developer
Gary Joseph, UK
R Dwayne Ramey USA
David Williams USA
Andrew FigPope, USA
Mark Judman USA
Marc Loehrwald, Germany
Siddharth Ravikumar, USA
Kevin Saylor USA
Richard E. Robertson, USA, President, Basketcase software, Missing Worlds Media, Inc.
Jack Daniel USA Security BSides
Vasili Revelas (Greece)
John Poole USA
Adriano Peluso, Italy
Douglas Stetner, Australia
Stephen Edgar, Australia
Dominik Golle, Germany, Hertie Network on Digitalization
Tennille Christensen, USA
Aaron Steimle USA, Glyph IP LLC
Jason Watson USA
Edward Anderson, USA Software Engineering Manager at Onsite.com
Francois Maes, Belgium
brannon rasmussen, USA
James Fowler, USA/Brazil
Alan Mayer USA, CISA and CRISC, CRISC, and CISSP Senior Information Security Consultants and Auditor
Felicien Fleury, Switzerland, Information Engineer HES/CISSP, Managing Director, NGSENS SARL
Joseph Lorenzo Hall, USA, Chief Technologist, Center for Democracy & Technology
Brett Campbell, USA
Greg Norcie, USA, Staff Technologist, Center for Democracy & Technology
Jeff Silverman USA
Robert Walker, USA CEO, PCPursuit Inc
Vlad Ionescu (USA, Red Team Operations), Mandiant/FireEye
Kent Williams King, Canada, University of British Columbia MSc student
Martin Shelton USA, The Coral Project, and The New York Times
Adarsh Jagannatha (India, Indian Institute of Technology Kanpur, IITK).
Nchinda Nchinda USA student, MIT, intern, ConsenSys
Jeremy Pesner USA Georgetown University
David Roux from South Africa/USA Blue Grass Airport Lexington, KY USA
Alexander Ose, USA, United States Digital Service
Flynn Joffray, USA
Marcel de Jong (The Netherlands).
Salvatore LaMendola USA
Alexander Urcioli USA
Donald McFarlane USA
Canada’s Andrew Schuch is the CEO of Halo Tech Consulting
David Olesik Canada, CEGEP Montreal, Quebec
Jean Harrington USA
Holger Levsen, Germany, Debian
Chester Wisniewski, Canada, Sophos Inc.
Ryan Mitchkowski, USA
Fred Frazelle, Mexico, Fundacion Anisa, A.C.
Charles Berret USA Columbia University
Michael Fischer (USA), Professor of Computer Science at Yale University
Thomas Greco, Singapore/Thailand/Japan/Indonesia, Omise/Ethereum
Joshua R. Simmons (USA, OSI Board member)
Cornel Punga, independent researcher, OWASP Timisoara, Romania
Alexander Finch, Argentina
Antonio Fontes, Switzerland, OWASP Geneva
Kevin W. Wall USA, OWASP
Harish Pillay (Singapore, Red Hat, and ISOC)
Johanna Curiel (The Netherlands), independent researcher
Chris HJ Hartgerink (The Netherlands, Tilburg University)
Alexander Sulzberger (Ghana), CEO of Ecoband Networks, member of AfriCERT, board member GISPA, board member Ghana Internet Service Provider Association
Justin Comps USA
Austin Prior, Ireland
Tiago Epifanio, Portugal
Stuart Ward (UK), Fellow, British Computer Society
Jay Sundu, USA, UC-Berkeley
Gianfranco Cecconi (UK), Digital Contraptions Imaginarium Ltd.
Micah Musick, USA, Virtual Fox Technologies
Lorin Ricker, USA
Ron Parachoniak, Canada
Francois Proulx, Canada, NorthSec
Tom Brennan, USA, OWASP Foundation
Greg Mestas, USA
Milton Smith USA, OWASP
Katie Moussouris USA CEO Luta security, co-editor ISO 29147 Vulnerability Disclosure
Dan Zulla (Malta), Thiel Fellow, Serial Entrepreneur
Robert Rudeloff USA OCC (US Treasury).
Gary Dentremont USA AT&T
Zachary Falgout USA, Texas Mutual Insurance
Craig Smith (USA), Research Directory of Transportation Security on Rapid7/Open Garages
Mike Francioch, USA
Richard Garrett Key USA, University of Texas at Austin