17 January 2013. Credit for Thales' recantation goes to incorruptible security
critic Ross Anderson who blogged and telephoned Thales to thrash the zealots:
16 January 2013
Thales e-Security Supports Bank Security Critique
From: Dave Harrop <Dave.Harrop[at]thales-esecurity.com>
To: "cryptome[at]earthlink.net" <cryptome[at]earthlink.net>
Date: Wed, 16 Jan 2013 12:59:03 +0000
Subject: Re: Cryptome Copyright Infringement - DMCA Takedown Notice
Dear Mr Young
Further to my letter to you dated 11 January 2013 in connection with (a)
the Zaxus Host Security Module RG7000, Operations and Installations Manual,
1270A513 Issue 3; and (b) the Zaxus Host Security Module RG7000,
Programmers Manual, 1270A514 Issue 3 both of which are published on
the cryptome.org website.
Thales is in no way trying to censor information that would benefit banking
The information concerned, as has been noted, has been available since 2003
and is in fact obsolete. It also does not reflect the current Thales
payment hardware security module.
It is not unusual for Thales to suggest that out-of-date information is removed
from web sites so that it doesnt cause confusion or mislead our
customers. This would normally be handled with a polite request to
the web site owner; on this occasion, unfortunately, we were over-zealous
in initiating a takedown notice.
Thales fully appreciates the benefits of openly sharing information relating
to our security products and fully supports legitimate academic research
in this area. The most up-to-date and accurate information can be obtained
directly from Thales.
Thales e-Security actively participates in key technical forums such as ASC
X9, Global Platform, NACHA, PCI SSC, Smart Card Alliance and OASIS, which
contribute heavily to banking security research and future requirements around
security for the payment industry. Thales has always respected and continues
to support external forums to further security within the banking industry.
I therefore wish to withdraw my earlier request for you to remove or disable
access to the material in question and apologise for any distress it may
Head of Contracts (EMEA & APAC)
Jupiter House, Station Road, Cambridge, CB1 2JD
t: +44 7802 555148