From Oracle's Chief Security Officer: one of the finest marketing posts for free software I've seen in 2015

Hugo Roy hugo at
Sun Aug 23 16:20:04 UTC 2015

↪ 2015-08-23 Sun 14:48, Florian Weimer <fw at>:
> > The license argument, however, is abject stupidity as security advice,
> > and an excellent argument for software freedom.
> It's probably still true.  I don't think there is a reverse
> engineering exception for security research.  Whether you have to
> publicly rub it into the face of your customers is a different story,
> of course.

Depending on what you do (because “reverse engineering” includes a lot
of different kinds of methods), you are covered in Europe by an
exception to copyright law (Directive 91/250/EEC) and any terms trying
to negate you this possibility are void. The French translation of
this directive even explcitly mentions security purposes since 2010.

Note that in the US, the situation is different regarding what you can
enforce or can't enforce in a contract regarding reverse engineering.

Hugo Roy – Free Software Foundation Europe
Please use cryptography for email: see
Merci d’utiliser la cryptographie pour l’email : voir
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <>

More information about the Discussion mailing list