mailing list archives
Criminalisation of security tools
From: packetshinobi at googlemail.com (Joerg Weber)
Date: Tue, 27 Mar 2007 20:36:45 +0200
Germany has a law in the pipeline doing what's described below indeed.
I dunno wether it's of any use for you but if it's helpful I'll dig
out some articles. They'll be in German, so you'd have to babelish 'em
but in essence they'll explain that german legislation is about to do
exactly that. It has cause quite a stir inside the IT Security
Community, so wether the proposal will actually become a law remains
to be seen.
It's amazing enough that nonsense like that even gets considered these
days as serious proposals.
2007/3/27, 0x90 at hushmail.com <0x90 at hushmail.com>:
Framework 3.0 release is all over the news. I came across
http://www.heise-security.co.uk/news/87442 and what I found
interesting is the last paragraph that states:
"However, recent amendments to information security legislation,
which include the criminalisation of the manufacture, provision,
distribution or procurement of hacker tools will make the use of
tools such as Metasploit problematic. It could even become unlawful
to perform internal tests to check the security of your system or
to check whether vendor patches really fix vulnerabilities as
Going back to typical "Security through obscurity" approach?
Anyway, I never heard about such legislation. If true, which
state(s) will adopt it? Anyone has more info?
PS: HD Moore, thank you very much for such a great tool.
Click to lower your debt and consolidate your monthly expenses