RE: [Full-Disclosure] FW: FEEDBACK: Testing Microsoft and the DMCA
From: Irwan Budiman (firstname.lastname@example.org)
From: "Irwan Budiman" <email@example.com> To: <firstname.lastname@example.org>, <email@example.com> Date: Fri, 18 Apr 2003 22:10:16 -0600
Does this means that this book (http://www.amazon.com/exec/obidos/tg/detail/-/0735615721/qid=1050724552/sr=1-7/ref=sr_1_7/103-5102984-6806223?v=glance&s=books) will never be published then? I wonder if there were a lot of pre-order for this book, then the MS-Press will change their mind.
BTW, talking about other publishers, you may try New Riders because they publish a couple security books, or probably Syngress may also be a good idea because Syngress has a lot of "Hack Proofing" series (from Windows 2000 Server, Network, XML, Cold Fusion, etc.). You may change the title from IIS Security Technical Reference to Hack Proofing IIS Server.
From: Jason Coombs [mailto:firstname.lastname@example.org]
Sent: Friday, April 18, 2003 9:02 PM
Subject: [Full-Disclosure] FW: FEEDBACK: Testing Microsoft and the DMCA
I'm an author and computer forensics/infosec expert who recently authored a
book about information security and Microsoft Internet Information Services
(IIS) that Microsoft Press was planning to publish... They opted not to
publish my book after they got a chance to read it; perhaps fearing that
acknowledging flaws and pointing out weaknesses in their own products would
undermine their position with respect to prosecuting DMCA violators.
After reading your article concerning "Hacking the XBox" I thought you might
be interested in my story as well. My literary agent pitched my book to Wiley
and it was rejected rather abruptly and with no discussion (odd, considering
that I've been published by both Wiley and Hungry Minds/IDG Books in the
My plan, if I can't find a publisher willing to take the 'risk' of exposing
details of vulnerabilities in IIS, is to give away my book as an open source
manuscript/electronic book in order to educate people who use Windows Server
operating systems and IIS on critical security countermeasures. There's no
reason for Microsoft customers to be kept in the dark about necessary security
precautions simply because publishing the forensic details threatens to result
in prosecution of those responsible, or in the case of Microsoft Press,
threatens to take Microsoft's DMCA teeth out of their big fat head.
Full-Disclosure - We believe in it.