Warning: What follows is my uneducated rant on plagiarism and the effects I think it’s having on information exchange within the InfoSec community. I don’t claim to have all the answers, but I do have questions! Take it as you will…
pla·gia·rism
[pley-juh-riz-uh
m, -jee-uh-riz-]
–noun
1. the unauthorized use or close imitation of the language and thoughts of another author
and the representation of themas one’s own original work.
2. something used and represented in this manner.
source: dictionary.com
Maybe it’s just me, but over the last year or so I’ve seen more websites, blogs and news articles talking about plagiarism than ever before! We’ve seen everything from sites being scraped and content reproduced in it’s entirety, through to information sources plundered for content for low quality books… and copied word for word, without thought or care!
In an age were we’re already seeing a serious decline in active blogs in favour of short 140 character tweets, we can hardly afford to be killing off the enthusiasm of those bloggers we do have left! The InfoSec community has always been built on open information sharing. In this industry we live and die by the information we have to hand. Wether that’s something we research ourselves, or something shared in-kind. For every piece of research somebody shares, there were hundreds more they could rely upon being made freely available. This unspoken information sharing pact has made the InfoSec community what it is, and helped to make the most of the researchers time, skills and dedication.
(CC BY-NC 2.0) by jobadge
Not everybody can reverse engineer the latest Zeus Trojan, but you always knew somewhere, somebody would, because that’s what they did! However that information sharing is lessening as the people really doing the research have their hard-earned work stolen out from under them, and posted on one of a myriad of copy sites… without permission.
Those behind the plagiarism, at least those that have a shred of decency (few and far between), talk a lot about giving credit. What they don’t seem to understand is that regardless, taking someone’s hard work, without their permission, and using it for your own uses is plagiarism, full stop. The problem comes when trying to prove these issues in an Internet, and therefore global, context. As an English citizen, living in Austria, with hosting based in the US… who’s laws (if any) are broken when a third-party takes your content? I’m not a lawyer, so I have no idea. All I know is, I didn’t give you permission…
The Internet is a wonderful thing, filled with great information and sources… copying other people’s hard work, research and abusing their dedication to this community is beyond low.
Resources on plagiarism .:
Note .:
Although I’ve occasionally been the target of plagiarism in the form of copied blog posts from these pages, I’m not writing this rant for that reason. There’s no point. I really see this issue as one of the biggest threats to the InfoSec community currently, and it needs to stop. The only problem is… those who are plagiarizing have no respect for the InfoSec community. They’re just out to make a buck, or ten, on the backs of the hard work done by others… History repeating itself in the digital age! Who’d have thought!
</rant>
Feel free to plagiarise this blog post.. it serves to prove the point!
Note 2 .:
After a spirited discussion on Twitter about this post, a friend of mine, @krypt3ia, was nice enough to propose a logo to show your disgust at the increase in Plagiarism… I think it’s a good starting point, so include it here for your use! spread the word!
Like this:
Like Loading...
Related
One thing is to give credit when credit due, another thing is to use content without consent (sounds like intelectual rape or something) and IF someone ever complains, then offer to pay them to stfu…
They say ‘sharing is caring’, that’s why we blog when we have time. If I finally find some time to write something maybe interesting and then someone takes it and republishes for his own profit… there’s a special place in hell for charlatans like that.
This is the document we are given at university to help us avoid plagiarism:
I understand what you’re saying, am familiar with the Gregory Evans’s that are in this world, and don’t really respect the sites that do full copies (the euphemism provided is that they are “aggregators”).
That said, I don’t necessarily agree with your point about referencing what someone else has done, and providing proper credit, being not copacetic. The entire basis of research, since the beginning of time, is building on the work of others. To simply say the information that is the basis of your work, and not credit those that did some of the foundational work, to me, is the greater crime.
Once work is published on the Intertubes, one should assume that it will move from being tacit (in their head) to explicit (in the heads of everyone who will read it). Wasn’t that one of the points when you created the post, to share something?
For example, if I were to write something about a new variant based on Zeus, I might make detailed reference to how Zeus works and then describe the variation and renaming I’m seeing in the work I’m doing. To re-reverse engineer Zeus would be kind of a pointless time sink when others have graciously done it and released their findings already. That said, there must be clear reference to who’s work you are citing as the basis of your own.
If we each have to discover everything from scratch, infosec is going to be even for f’d up then it already is. That said, the wholesale rip off of work, or the partial taking of work without credit, happens every day in every way, and it’s wrong.
Apologies, here is the up-to-date version:
Thanks for the comment, and I agree with what you’re saying.
My goal was to comment more on the aggregators of this world than people basing work on the shoulders of others… I have no problem with people boring information and giving credit… but stealing whole posts is nothing short of theft!
It’s a fine line between extending work and stealing work! … still I think we’re all intelligent enough to know the difference