Rather than fix a well know PIN vulnerability in verifying card transactions UK banks would rather keep the problem under wraps — to the extent of asking Cambridge university to censor a thesis one of its computer students had published on the subject. The university’s response to the banks is — spot on!
“… you seem to think that we might censor a student’s thesis, which is lawful and already in the public domain, simply because a powerful interest finds it inconvenient. This shows a deep misconception of what universities are and how we work … censoring writings that offend the powerful is offensive to our deepest values … Accordingly I have authorised the thesis to be issued as a Computer Laboratory Technical Report. This will make it easier for people to find and to cite, and will ensure that its presence on our web site is permanent …”
For your reading pleasure, the university’s full response can be found here