Security Tool Controversy
Last year I discussed some of the hacking and security laws in the UK on michaeldaw.org; pdp also discussed this on GNUCITIZEN a few months back. Governments are looking at clamping down on security tool development and distribution to mitigate hacking risks. It looks like Germany are now following:
Whoever prepares a crime according to §202a or §202b and who creates, obtains or provides access to, > sells, yields, distributes or otherwise allows access to
- passwords or other access codes, that allow access to data or
- computer programs whose aim is to commit a crime>
will be punished with up to one year jail or a fine. Additionally, this new section is interwoven with other > laws, including the ones covering terrorism. The current interpretation includes the acceptance of others > committing a crime using your (or our) material as violation of §202c.
The main question in my mind when trying to remain objective about this, is whether IT security can be classified within the same category as Locksmiths. Would you feel safe in your home if an open community developed free tools to open various locking mechanisms and distributed those openly? Currently, only registered Locksmiths are allowed toolkits within the UK.
I also see the point that crackers will get the upper-hand as they don't care about such laws, it will be the security community that suffers.
Whether we like it or not, times "are a changing". I strongly believe in win-win situations, the question really is can there by one if the future moves in this direction and what with Net Neutrality.
Danach soll die Vorbereitung einer Straftat durch Herstellung, Beschaffung, Verkauf, Ãœberlassung, Verbreitung oder ZugÃ¤nglichmachen von PasswÃ¶rtern oder sonstigen Sicherheitscodes fÃ¼r den Datenzugang sowie von geeigneten Computerprogrammen kÃ¼nftig mit Geldstrafe oder Freiheitsentzug bis zu einem Jahr geahndet werden.Here's a machine-translated version: http://188.8.131.52/translate_c?hl=en&langpair=de%7Cen&u=http://www.heise.de/newsticker/meldung/92334 But what the heck are
Sicherheitscodes. Even as German I am not able to get the meaning of the word - so as long as the article stays as interpretable as the bible we have to wait for the first precedence case to occur. Bitter. Greetings, .mario
Playing Devils Advocate:Adrian if I liken Aodhhan's hammer and screwdrivers to OS tools like telnet, tftp and net, then banning other security tools still makes sense :)