An article on SlashDot sites the DMCA (Digital Millennium Copyright Act) as the primary cause of the chilling effect going on for the technological investigations of flaws in security technology.

One unfortunate side-effect of the DMCA is that it provides cover for companies that release flawed security technology. The article describes how a cease and desist order stopped a presentation discussing the problems in a particular ID system, manufactured by BlackBoard, Inc. (formerly part of AT&T). The IDs in question are used for everything from entering rooms to paying for books and lunches.

Although the manufacturers claim that they would be harmed by making the information public, pretending that the information doesn't exist doesn't make the cards any safer for the students to use. Since the cards are clearly flawed (else the manufacturer would likely not have bothered with the cease and desist order), the key issue should be in fixing the privacy issues and getting the security back into the system, not in covering the butts of the people who didn't effectively design the system.