A lot of you would say that you already know that and may well add a few more adjectives to describe me.
Recently, it has come to light that work published by corelan.be had been plagiarized in course material used by http://www.infosecinstitute.com/. You can read up on the full details either at corelan.be or at attrition.org who have a lot of information on plagiarized content within the infosec industry.
Like most of my peers, I fully side with corelan.be in the fact that they have put effort into producing so much good quality material, only for someone else to steal it and try to make a profit from it. I picked up my cyber pitchfork with every intention to storm the castle, burn it down and come out with the King’s head impaled on the end of it.
However, I’ve been thinking (yes, it is a rare thing for me indeed).
I’m not a copyright expert, nor is there a black & white definition of what constitutes plagiarism. But the underlying principle is the same.
Someone puts time, money and effort into producing something original. In return they may want to sell that in return for money. Or maybe they give it away for free with the condition that they are recognized as the original creator.
Therefore, in accordance with my self-stated principle, I’m happy to fully support Corelan and I am doing the right thing. Case closed?
You see, someone a lot wiser than me once said, “principles are only principles if you hold onto them when they are inconvenient to you, not just when they are convenient.”
So I started thinking about my view on the issue. How have I felt about this issue in the past? To be honest, if it’s not been a friend or industry peer who’s the victim I haven’t really cared all that much. If I know people who download movies or songs illegally, I’ve never bothered. In fact, I’ve probably taken their side and blamed the hollywood studios or record companies for being too greedy and being too heavy handed in their approach towards dealing with people who download illegally.
How many people do I know who haven’t at least once downloaded a commercial piece of software for free and never payed?
How many people do I know with a jailbroken iPhone so they can download any app for free?
How many times have I seen a boss take credit for their employees work and thought, meh that’s just how it rolls around here.
As the old saying goes, ‘it’s all fun and games until someone loses an eye’.
With the corelan incident, I feel as if someone has lost an eye. Yet up until that point I too was playing the same game of pretend sword fighting with wooden sticks (no that’s not a euphemism for anything else).
I like to learn and share security knowledge. The whole point of sharing the knowledge is so that people adopt secure ways of working to protect themselves and the information of others entrusted to them. The point isn’t so that others can pass off my ideas as their own and make a profit from them. Be that financial or personal gain. I guess I need to expand that appreciation to all aspects of life otherwise it’s hypocrisy on my part. Which is probably just as bad as being a plagiarist.