Timelessness

Timelessnessless?

© 2026. All rights reserved.

Interim: ASML, request to redact licensing specifics

Thu, Feb 5, 2026 ❝Upon collaborative request, I have decided to redact detailed specifics of the licensing mechanism. This post is for clarification and traceability.❞
Contents

Harassment: ASML, licensing (complete) originally contained elaborate details of the licensing mechanism, as I was able to remember them, for the specific application I was involved with.

Clarification

There were several purposes, originally, to posting the licensing:

  1. A point needed to be made that this continuous persistent harassment had to stop. The attacks were, and to a somewhat lesser extent are, on many different areas, but included abusive practices by other people and also my own investigation and fixes for licensing.
  2. The licensing mechanism specifics illustrated the deficiencies I took the time investigating, so it demonstrated the verification effort was with genuine purpose and clear findings.
  3. The post was scheduled to appear on a certain date and I warned about that some two days in advance, at or around the same time as I posted the prior post. This gave them prior warning and time to act in whichever way they deemed appropriate.
  4. Numerous prior, much weaker counters had not deterred the constant persistent harassment.

There was no “revenge”-factor to the post on licensing. If I had acted primarily with malicious motivation, I would have had possibilities to copy the symmetric key and other specifics and documents. It also was not about “prestige”, so nitpicking about exactly which words to redact is in the interest of neither. At this point, I can remove the specifics and leave the rest of the post as-is. One may now assume the rest of the post truthful despite specifics no longer being available for verification. Besides, the general description remains available and almost completely unchanged.

Although exposing these details highlights some deficiencies, leaving them unnecessarily exposed, at this point, serves little purpose. The attacks focus on many more excuses, lies and false accusations. To that purpose, there are many more events described in other posts that highlight the undesirable circumstances, the subsequent reasons for attacks and my perspective on what had transpired as well as creating an opportunity to have a voice in a matter that was otherwise wholely one-sided attacking.

The request

On 2026-02-02, I received the following request from inf….…@asml.com:

Hello Danny,

I’m writing from ASML’s Information Security team. This is a courtesy note, not a legal notice.

On your blog a page titled “Harassment: ASML, licensing (complete)” there are granular implementation details about a legacy licensing mechanism. While we are not asking you to change or remove your personal experiences and opinions, we would appreciate your help in removing or redacting the specific technical characteristics of the mechanism (for example, details about algorithm choice, field delimiters, field ordering, identifiers, prefixes, and similar low-level implementation notes). Even if some of this is dated or approximate, the aggregation of those specifics increases exposure risk for our products as a result, as you also mentioned yourself.

This is a voluntary request. If you prefer not to make any changes, we understand and will not pursue this any further.

If you are open to helping, we can send a quick list of the exact lines we’re concerned about or propose a minimal redaction so it’s easy on your side. Thank you for considering this, and for keeping the rest of your content as you see fit.

At end of day, I responded with:

Hi,

I have updated the page. I have removed most of the specifics. I think mentioning ‘SHA1’ specifically has mostly narrative value, so I left it in. Besides, it is also part of the general information. Given that the original purpose had no factor of prestige in it, I do not think either benefits from nitpicking on every word. I expect that this covers your concerns. Besides, the real issues I describe are organizational in nature.

I should be a far bigger asshole on this matter, considering how much shit I have had to take. I probably should have said “okay, thanks, bye”, but then I’d be no better and would have been dishonest about original intentions.

I intend to post a small clarification for traceability that includes your email-message. I will wait for a little bit in case you wish to comment.

I could have responded with an “okay, thanks, bye!” and finish the conversation that way. However, as mentioned, that doesn’t serve any particular benefit at this point. So, I won’t.

As a side-note, I should probably have used the word ’transparency’ rather than ’traceability’. Although ’traceability’ fits with the chronological progression of matters, I intended transparency as a way of being open about the where, what and why of the redactions.

Changelog

This article will receive updates, if necessary.

This post is part of the Coordinated harassment series series.
Other posts in this series: