One year ago, I railed against computer security mailing lists that pirate copyrighted stories & op-eds. “These scabs collectively believe the need for computer security outweighs the profit of copyrights,” I spat.

My column pointed out a typical mailing list known as “SCADASEC,” a news site run for anyone who Speculates Creatively About Dastardly Attacks (“SCADA,” get it?). I should note that Bob Radvanovsky, the site’s moderator, is a noble gentleman. He addresses everyone as “sir” or “ma’am” when you meet him or speak on the phone. You won’t find a more humble, more honest, more helpful person. He really is one of the good guys.

Let the record show Rad­vanov­sky is far more gentle­manly than I.

I believe Radvanovsky when he says he never intended to steal from hard-working reporters who expect a fair wage. As so often happens, his good intentions paved a road to copyright hell — something Radvanovsky only realized after I published my column. This noble gentleman put aside his bruised ego and turned his thoughts to contemplative introspection.

And then, without fanfare, he shut down SCADASEC. “I revisited your web site blog again today and agree completely with what you have to say regarding copyright infringement,” Radvanovsky wrote me last December. “I am a man of my word and honor… ALL archived material has been removed.”

Radvanovsky went on to say “I am not a ‘bad person,’ and hope that you are lenient and compassionate in your statements about me, and our cause, in the near future.” Indeed, let the record show Radvanovsky is far more gentlemanly than I. In fact, I’m so anti-gentlemanly (ALL: “How anti-gentlemanly are you?”) that I once got drunk and shoved a champagne cork where it didn’t belong (listen to the MP3 podcast for a great laugh).

Radvanovsky’s introspection forced me to do a bit of it myself. Once again, I’m forced to realize that — as a critic — I pave my own Route 666 in a noble quest to shine a light in every dank corner of the computer security industrial complex. The anti-gentleman in me can’t even say “I’m sorry” for opening the eyes of a noble man. Rather, I can only say “I regret” the fact I focused on Radvanovsky’s mailing list as one of many typical examples.

Radvanovsky pulled a major course correction on the path of good intentions. Now if all the other computer security copyright pirates would follow his noble lead…

Many computer security mailing lists choose to ignore copyrights. They’ll republish the complete text of any news story, from any publication, if it’s got a computer security angle to it. The more popular and/or hysterical the story, the more they’ll republish it in toto.

It’s a blatant violation of copyrights. Nothing more, nothing less. And it’s the norm among computer security mailing lists.

These mailing list moder­a­tors be­lieve the needs of com­pu­ter secu­rity out­weigh the profit of copyrights.

I’ve long wondered why business-centric mailing lists would so brazenly violate copyrights. My working theory has always relied on a simple inference:

Anyone can join their mailing lists for free, and the moderators want to provide a valuable service. So we can infer they feel exempt from getting permission & paying fees to reprint copy­righted material.

To put it more succinctly: these scabs collectively believe the need for computer security outweighs the profit of copyrights.

“SCADASEC” is one of many computer security mailing lists that routinely violates copyrights. Moderator Bob Radvanovsky includes a courtesy link to the original publication when he routinely reprints an entire story or opinion piece or investigative report. The “ISN” mailing list run by InfoSecNews.org is another common violator. They sometimes reprint whole stories, and sometimes reprint just the first 4-5 paragraphs.

I could go on, but you get the point. Copyright violations among computer security mailing lists is pervasive enough that — in theory — you can lapse all of your expensive paid subscriptions and get all of it delivered for free to your inbox.

Well! It seems SCADASEC moderator Bob Radvanovsky got slapped for his promiscuous effort to keep his mailing list subscribers abreast of the news. Chemical Facility Security News pundit Patrick Coyle filed a complaint:

I have noticed on a number of occassions that posters to this list have copied verbatum information from my blog (Chemical Faciltiy Security News) and other copy writed sources. While attribution has always been made (which I greatly appreciate) the ‘fair use doctrine’ under copy write law does not allow for the entire content of a publication to be quoted without compensation. Since my blog is available on-line without charge, I see no reason why a simple reference with link cannot be used instead of quoting the entire posting. It would reduce the length of the emails sent out by this list and not reduce the value of the information being shared.

I do not want to reduce the value of the communications on this service, but I am required to enforce my copywrite to maintain the rights to my work.

Radvanovsky penned a very polite reply. Notice the rationalization in his third & fourth sentences:

Fair enough, Mr. Coyle. Only a URL will be used to refer to your blog. Additionally, this mailing list does not charge for any of its content. Nonetheless, we will respect your wishes and comply with your request. Thank you for your comment.

“Nonetheless,” he says? It seems my working theory has the ring of truth to it. Go figure.

Do I think this slap against Radvanovsky will do anything to curtail the rampant copyright violations found on computer security mailing lists? “No.”

Oh, sure, Radvanovsky might someday see the error of his ways … but his brethren will continue to publish stories without regard to copyrights. It’ll continue unabated for the foreseeable future.

The irony of all this? Computer security mailing lists rarely swipe my investigative reports and my opinion pieces. But then again, I’ve critiqued their industry for 20+ years — so who among them cares to reprint my tripe?