You know times are bad if security researchers are being threatened with legal action. That’s something the DMCA actually does: if you investigate whether DRM works or not, you might be breaking the law, and big companies can sue you.

You know times are worse, when the pre-eminent web standards body, the W3C, is working on incorporating DRM (Digital Rights/Restrictions Management) into what used to be nice and open web standards — which means that they will help others take partial possession of the computer you bought and paid for — and by doing so, lets others sue you if you do nothing else than attempting to understand what your computer actually does. Really.

So Cory Doctorow, writer, activist and amazing speaker is calling for security researchers, and everybody who has an interest in this, to lobby the W3C to require their members to sign a covenant to not sue if somebody performs security research. I just signed, and I hope, many others will, too. Here’s the call to action with a link to click on to sign.

This should be a complete no-brainer. Having a part of your computer be essentially owned by a third party is bad enough, but then getting sued when you attempt to figure out no more than whether this third party is doing nefarious things on your computer, or letting others (intentionally or not) do nefarious things on your computer? Just the idea of outlawing this is mind-boggling. And having web standards that do not take a stand on this, would be a disgrace.

W3C: do the right thing!

For everybody else, go and support the petition.