Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Legal Aspect of Pentesting / CyberCrime Treaty
From: Jerome Athias <jerome.athias () free fr>
Date: Wed, 27 Sep 2006 13:38:41 +0200

Christoph Puppe a écrit :

in Germany we are about to implement the cybercrime treaty in local law
with the number § 202 c. This change will make the possession, trafficking,
making available and producing of tools with the *intention* for hacking
and snooping traffic an offense punishable with up to a year in prison.

My questions for the list:

# does your country has implemented this treaty as well?
# what was your experience?

In my understanding, if we may not publish exploits to the web in general
anymore, we need new ways to trade them. The bad guys will do this as they
have always done. Now the professional pentesters need a B2B platform to
get this tools of the trade. The AV guys have done this right from the
start, with closed groups for exchange of new malware.

In the hope for a fun discussion!


this law exists in France and is called the "LEN" (Loi sur l'Economie Numérique) (it has 1 or 2 years)
It's also forbidden to disassemble a soft...

you're right and i think the same thing!

If bad guys can't publish an exploit publicly, some options are iDefense or ZDI... or the mafia...
i don't think it's good


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]