CyberSoft, Incorporated Moral Guidelines

May 1995 by Peter V. Radatti

1853 by Charles Tomlinson

Some people criticize the publishing of white papers that expose technical security problems to the extent that people may be able to take advantage of the knowledge contained within them for nefarious purposes. We feel that this criticism is false and only helps those that have evil in their hearts. People who are responsible for security can only do their jobs effectively if they understand the true nature of the problems they are combating. This requires knowledge, explicit and succinct.

Those readers who may not believe this argument or believe that it may in some way be self-serving are referred to the treatise attached. It was published in 1853 and is over 140 years old. The argument was well made then and there is no reason to reinvent the argument now.

Peter V. Radatti
President
CyberSoft, Inc.

"Rudimentary Treatise on the Construction of Locks" was take from the section
"Should We Talk About Security Holes? An Old View"
contained in the book
"Firewalls and Internet Security"
by William R Cheswick and Steven M. Bellovin.
ISBN:0-201-63357-4.

Reprinted by permission of Addison-Wesley, publisher.

Rudimentary Treatise on the Construction of Locks, 1853

Charles Tomlinson

A commercial and in some respects a social, doubt has been started within the last year or two, whether or not it is right to discuss so openly the security or insecurity of locks. Many well-meaning persons suppose that the discussion respecting the means for baffling the supposed safety of locks offers a premium for dishonesty, by showing others how to be dishonest. This is a fallacy. Rogues are very keen in their profession, and already know much more than we can teach them respecting their several kinds of roguery. Rogues knew a good deal about lock picking long before locksmiths discussed it among themselves, as they have lately done. If a lock - let it have been made in whatever country, or by whatever maker - is not so inviolable as it has hitherto been deemed to be, surely it is in the interest of honest persons to know this fact, because the dishonest are tolerably certain to be the first to apply the knowledge practically; and the spread of knowledge is necessary to give fair play to those who might suffer by ignorance. It cannot be too earnestly urged, that an acquaintance with real facts will, in the end, be better for all parties.

Some time ago, when the reading public was alarmed at being told how London milk is adulterated, timid persons deprecated the exposure, on the plea that it would give instructions in the art of adulterating milk; a vain fear - milkmen knew all about it before, whether they practiced it or not; and the exposure only taught purchasers the necessity of a little scrutiny and caution, leaving them to obey this necessity or not, as they pleased

The unscrupulous have the command of much of this kind of knowledge without our aid; and there is moral and commercial justice in placing on their guard those who might possibly suffer therefrom. We employ these stray expressions concerning adulteration, debasement, roguery, and so forth, simply as a mode of illustrating a principle - the advantage of publicity. In respect to lock-making, there can scarcely be such a thing as dishonesty of intention: the inventor produces a lock which he honestly thinks will possess such and such qualities; and he declares his belief to the world. If others differ from him in opinion concerning those qualities, it is open to them to say so: and the discussion, truthfully conducted, must lead to public advantage; the discussion stimulates curiosity, and curiosity stimulates invention. Nothing but a partial and limited view of the question could lead to the opinion that harm can result; if there be harm, it will be much more than counterbalanced by good.