> Joe Dowlen wrote: > > (I am just interested in fixing my problem. I would never try to steal code > > from anyone else. The guys that do should take a course in Ethics. I know > > the time/value of programming.) > > I'd have to agree with Joe that stealing code is unethical. However, I have > more than once wanted to hack code in a device to fix bugs or otherwise > improve the functionality. Several people have suggested that even publishing > information on how to defeat security fuses is unethical. I strongly disagree. While publishing information about how to defeat security measures may quite reasonably annoy those who would wish such information to be kept secret, it is valuable to ensure that everyone knows what things are known to be secure so as not to rely upon something that is, in fact, weak. I am reminded of an incident where a major news publication discovered that the answers for a certain college-entrance exam were 'floating around' and suggested that the company giving the exam rewrite it so as to prevent cheat- ing. When the testing agency refused, the magazine went ahead and published all the answers for the test in question, thereby assuring that everyone (not just those with shady connections) would have the 'same' chance at beating the test and ensuring that if that test was given anymore the results from it would be totally worthless. Frankly, a lot of companies will try to push security flaws "under the rug" if they are discovered in the hopes that they will not become widely known. While this may be easier for the company than re-engineering their hardware or software product to remove the flaws, it unfortunately often results in the only people with knowlege of the flaws being those shady characters who would be most likely to unethically exploit them, while others go on relying upon the system to protect them from this unethical group (which it will not do).