Cambridge refuses censorship on chip-and-PIN vulnerabilities

According to BoingBoing, the UK banking trade association wrote to Cambridge to have a student’s master’s thesis censored as it documented a well-known flaw in the chip-and-PIN system, Cambridge University’s Ross Anderson replied with the following:

Second, you seem to think that we might censor a student’s thesis, which is lawful and already in the public domain, simply because a powerful interest finds it inconvenient. This shows a deep misconception of what universities are and how we work. Cambridge is the University of Erasmus, of Newton, and of Darwin; censoring writings that offend the powerful is offensive to our deepest values. Thus even though the decision to put the thesis online was Omar’s, we have no choice but to back him. That would hold even if we did not agree with the material! Accordingly I have authorised the thesis to be issued as a Computer Laboratory Technical Report. This will make it easier for people to find and to cite, and will ensure that its presence on our web site is permanent….

You complain that our work may undermine public confidence in the payments system. What will support public confidence in the payments system is evidence that the banks are frank and honest in admitting its weaknesses when they are exposed, and diligent in effecting the necessary remedies. Your letter shows that, instead, your member banks do their lamentable best to deprecate the work of those outside their cosy club, and indeed to censor it. [Source: Cambridge]

The reply is full of win, academic world scores one.

What KahWee tweeted on 2009-04-16

  • EBay and Skype are splitting: #
  • Why does Twitter use Tinyurl when I still have sufficient remaining characters? I prefer the full url. #
  • @claudia10 It’s funny you mentioned about all caps, my aunt thinks all caps in the subject looks formal, lol… Like traditional letters. in reply to claudia10 #
  • @claudia10 I think they write something like REFERENCE TO COMPLAINT and they underline it or something. LOL in reply to claudia10 #

Why I hate reading formal letters

I have a pile of letters coming in from banks, insurance and school. I’m just leaving it there on my letter tray. I glance at them every day and blissfully ignore them. I especially hate it when they wrote a bunch of text for formality’s sake when all they want to say is: “Look, you need to pay XXX GBP263, do it before October or else.”

Cut the corporate crap, just go straight to the point. Or underline the main point or something. I’m always left transcoding from Formal to Human.

I wish they would just email me in a couple of sentence. Save those papers; I am not an accounting major. Kthxbai!