decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

Click here to send an email to the editor of this weblog.


You won't find me on Facebook


Donate

Donate Paypal


No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
Rot13! | 269 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
Rot13!
Authored by: Anonymous on Wednesday, July 03 2013 @ 05:59 PM EDT
ROT13 does not hide the information from public disclosure. They were populating e-mail addresses to a public URL. If they used ROT13 of the ICC-ID in the public URL it might be harder to guess valid URLs, but they would still be public with no access restrictions. If you think about it ICC-ID is just a stupid way obfuscation the e-mail address that they want to pre-populate.

What they should have done is just had the client hold the e-mail address in a cookie and populate the form from the cookie. Shockingly, this is how EVERY other web site on the internet pre-populates login forms. In this case, since you have to know the user id in order to see a page with the user id pre-populated, the only purpose of encryption would be to prevent packet sniffers from scooping up e-mail addresses in transit.

[ Reply to This | Parent | # ]

Rot26!
Authored by: Anonymous on Friday, July 05 2013 @ 12:21 AM EDT
I was partly joking, but also partly reiterating the stupidity of the [DMCA] law
that makes it an offence to get round encryption, especially when that
encryption is pathetic and has not been used "seriously"[1] by anyone
for years; ROT13 is something school boys (a) use and (b) break (well I did, and
that was back in the '70s).

ROT26 is a perfectly "good" encryption as far as the DCMA is
concerned.

[1] "Seriously" as in /really/ wanting their data not to be read by
others, as opposed to being used because they can't be bothered to use proper
encryption and rely on stupid laws to push the blame on someone else when it's
more their fault when the data they aren't really that interested in keeping
safe is exposed. Anyone using a simple encryption ought to be named by any
defendant as aiding and abetting them and brought in as a co-defendant - after
all they deliberately chose a simple encryption to help them break it (didn't
they?).

[ Reply to This | Parent | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )