2 comments

[ 3.1 ms ] story [ 16.5 ms ] thread
Actually that is pretty sane and toothless. It does nothing about strong codes, strong pass-phrases, oob exchanged keys and so on.

The design limitation clause is pretty strong.

If just enables removal of artificial security enhancements.

Zdziarski seems to think it is quite dangerous. Thoughts? http://www.zdziarski.com/blog/?p=6046

I see the limitation clause and so forth, but some of the language still seems pretty broad and dangerous. In fact the way it is worded, it nearly contradicts itself, calling for "design limitation" yet requiring things that will inevitably require a design change. Which part of that contradiction would be upheld in the event this becomes law?