Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If it's HTTPS stuff, they might be claiming that it falls under DMCA 1201 shenanigans.

> (A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title.

https://www.law.cornell.edu/uscode/text/17/1201

As I understand it, car manufacturers prevent independent repair shops from lawfully obtaining some of the diagnostics information in the onboard computer by encrypting it with a key that sits on the very same drive. Said encryption is the "technological measure that effectively controls access" and using the key to decrypt it is "circumvention" -- naturally, of the "effective" access control.

(https://www.law.cornell.edu/definitions/uscode.php?def_id=17... to “circumvent a technological measure” means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner)

Mazda might be interpreting the SSL certificate as a similar measure and therefore use of the certificate to decrypt traffic as a similar violation.



From the posted notice[1], they answered "No" to the question "Do you claim to have any technological measures in place to control access to your copyrighted content? Please see our Complaints about Anti-Circumvention Technology if you are unsure." Is that the same thing you are referencing?

[1] https://github.com/github/dmca/blob/master/2023/10/2023-10-1...


Yep, sounds like it, which rules that out. Good to know that it might be on the served notice; I'll look for that next time.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: