-----BEGIN PGP SIGNED MESSAGE-----
Congrats, nice job!
Yes, well done.
The Netscape license explicitly prohibits decompiling (except where such prohibition is illegal). When this hits the media it will be important to avoid being tarred with the "hacker breaks rules and breaks in" brush. More subtly, it's probably a bad idea to call into question the overall business model of client binaries on the net.
Instead, emphasize importance of open code, public reviews, ability to link in your own code that meets public specs, etc. All of these things the Internet was designed to do, and U.S. ITAR regulations are designed to prohibit (globally, anyway). And also that the bad guys will never play by the rules. And re-emphasize that solutions are possible, just that the U.S. government prevents them from being deployed in a global economy.
Before we go to the news, perhaps we should demonstrate the exploitation of this hole. It would certainly make selling this story a whole lot easier. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQBgAwUBMF27PHIf3YegbdiBAQGI7AJXY5d2Su52MWXrh6tP20vOai/Rsbd6+oqx urWUP34wPv5dqMv1Mw6XDlstX5Q3KmOMeTOjAwcjuJXY5Z3RhkL0gi0nMBUS/IdZ b/GN =vhHo -----END PGP SIGNATURE----- Dietrich Kappe | Red Planet http://www.redweb.com Red Planet, LLC| "Chess Space" | "MS Access Products" | PGP Public Key 1-800-RED 0 WEB| /chess | /cobre | /goedel/key.txt Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84