"I've even seen rare glimmers of people criticizing EFF for trying to make a cause celebre of him."
Perhaps it's entirely possible that the EFF is just like any other organization that needs to find ways to justify their existence. The same with security researchers cloaking many of the things that they do in some quest for the greater good (the "if it wasn't for us" argument).
You know locksmith tools are available for purchase over the internet. But that's not enough! We should teach lock picking in schools so that people develop new and better ways to prevent their own locks from being picked and invest in more security against people that have been trained to pick locks. Because disclosure and transparency makes everything better and nobody thinks there is any value at all in obscurity or making things a bit more difficult by not being so out in the open.
Pretending that finding some security flaw is not about capturing the flag and all about saving humanity really bothers me to no end.
With physical locks you are exposed to the few people that can walk up to the lock without attracting attention. With digital security, you are potentially exposed to every connected system on the planet. An invisible attacker can't pick your lock, but could hack your security system. That is why digital security is paramount.
Robots are not going door to door picking locks, but that is exactly what happens every second of every day to every system on the Internet. It only takes one, and there are lot of disenfranchised smart people around the globe.
Perhaps it's entirely possible that the EFF is just like any other organization that needs to find ways to justify their existence. The same with security researchers cloaking many of the things that they do in some quest for the greater good (the "if it wasn't for us" argument).
You know locksmith tools are available for purchase over the internet. But that's not enough! We should teach lock picking in schools so that people develop new and better ways to prevent their own locks from being picked and invest in more security against people that have been trained to pick locks. Because disclosure and transparency makes everything better and nobody thinks there is any value at all in obscurity or making things a bit more difficult by not being so out in the open.
Pretending that finding some security flaw is not about capturing the flag and all about saving humanity really bothers me to no end.