N2H2 Inc. can use the Digital Millennium Copyright Act (DMCA) to stop a researcher from attempting to reverse engineer its Web filtering product, a judge ruled last week.

Harvard Law student Benjamin Edelman says he wants to crack the filtering tools to test them. Edelman planned to hack into N2H2's cryptography-protected list of filter parameters, but, fearing prosecution, sought court protection. Edelman and the ACLU believe filters, used at libraries and schools, limit free speech.

In a written decision, U.S. District Judge Richard Stearns found "no plausibly protected constitutional interest" that would overcome "N2H2's right to protect its copyrighted property from invasive and destructive trespass."

N2H2 didn't respond to requests for comment. Edelman says no decision has been made on appealing, but adds that N2H2's public list of filtered sites isn't enough for rigorous testing.

"Suppose you wanted to know which .gov sites are classified as pornography. Or to see what sites N2H2 calls pornography this week, that last week were not," he says. "N2H2's online database site would not allow any of these kinds of research, but you can see why it would be important."

Full Article
I am not a fan of the DMCA at all. I think it has been mis-interpreted, mis-applied and generally abused since it was created. I think this is another example of that. If the security of your product is flawed a programmer / researcher should be able to determine that and bring it to your attention and / or release that information to the public if you choose to do nothing about it.

I don't think software vendors should be able to use the DMCA to hide behind. If the product is flawed and vulnerable the buyers of that software should be notified. Using litigation and fear tactics to squash vulnerability research doesn't make the product more secure.