Results 1 to 5 of 5

Thread: Germany declares hacking tools 'verboten'

  1. #1
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default Germany declares hacking tools 'verboten'

    http://www.theregister.co.uk/2007/05...i-hacking_law/
    Updates to Germany's computer crime laws banning so-called "hacking tools" have been criticised as ill-considered and counterproductive.

    The revamp to the German criminal code is designed to tighten definitions, making denial of service attacks and attempts to sniff data on third-party wireless networks, for example, clearly criminal. Attacks would be punishable by a fine and up to 10 years imprisonment.

    Previously, only attacks against companies and government organisations were indictable offences. The regulations, passed last week, also make it illegal for unauthorised users to bypass computer security protection to access secure data.

    Under these provision it becomes an offense to create, use or distribute so-called "hacking tools". Critics point out that many of these tools are used by system administrators and security consultants quite legitimately to probe for vulnerabilities in corporate systems.

    The distinctions between, for example, a password cracker and a password recovery tool, or a utility designed to run denial of service attacks and one designed to stress-test a network, are not properly covered in the legislation, critics argue. Taken as read, the law might even even make use of data recovery software to bypass file access permissions and gain access to deleted data potentially illegal.

    "Forbidding this software is about as helpful as forbidding the sale and production of hammers because sometimes they also cause damage," Chaos Computer Club spokesman Andy Müller-Maguhn told Ars Technica. "Safety research can [now] take place only in an unacceptable legal gray area."

    While making life more difficult for security consultants and sys admins, the new laws will, paradoxically, make it easier for police to use hacking tactics in gathering intelligence on suspects. The practice - declared verboten by German courts earlier this year - could be reinstated under the new laws, according to Müller-Maguhn.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  2. #2
    Member
    Join Date
    Apr 2007
    Posts
    163

    Default

    this makes me so upset

    i already mentioned it here in the forum... they say "you will only get punished if you use such tools for criminal activities". But the situation with the security tools and pentesters is not clearly stated in the law. So we definetly will have to get the judges state out the situation.

    Perhaps they will sniff my internet connection and do a survey before i can access sites like metasploit or milw0rm or even the forums here.
    And they will ask questions like: "will you use this information for criminal activities? Are you a member of a terrorist organisation? If you can answer one question with yes, please leave your adress, phone number, hair and eye color, shoe size, ID number and all other stuff related to you here. Scan your fingerprints and send them with your fingernails, some hair and a urine sample to the state Office of Criminal Investigation. We will contact you."

    Damn, this part of the new law is like shooting yourself in the foot. You know what they did? They got this law through the Lower House of German Parliament, on a friday morning at 2 am. at 2 am, if i would sit there, i would wink every sh** through just to finish the day. Arrrgh.....
    The answer is 42.

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by -~operator~- View Post
    Damn, this part of the new law is like shooting yourself in the foot. You know what they did? They got this law through the Lower House of German Parliament, on a friday morning at 2 am. at 2 am, if i would sit there, i would wink every sh** through just to finish the day. Arrrgh.....
    A very similar thing happened in the state government of where myself and Prez98 live. They passed themselves a pay raise on the last day of the session before a break at around 1am. I believe just about every single person that voted for that pay raise lost in the next election. Something to remember, democracy does work in some cases.

    Really sad thing is, I went to high school with one of the guys that voted for the pay raise and I didn't believe that he did it, because when I knew him, he had better morals than that.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4
    Member webtrol's Avatar
    Join Date
    Jan 2010
    Posts
    113

    Default

    Under the " Council Framework Decision 2005/222/JHA of 24 February 2005 on attacks against information systems."(EU) europa#eu/scadplus/leg/en/lvb/l33193#htm) we can expect more similar laws showing up in Europe. While Germany does not lead EU, it is one of the main countries and lets be honest....Europe is so socialized ( read overrun by government control) that this will appeal to many officials (especially if you make exception for law enforcement).
    This debate reminds me allot of gun debate. Freedom, reason and personal security/responsibility on one side and government power, control etc on other.
    If i'm right on this then Europe is in allot of trouble.
    On the other hand...will it mean more jobs for pen-testing experts from U.S. remotely....

    P.S In link above replace # with .

  5. #5
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Long thread on this topic over here > http://forums.remote-exploit.org/showthread.php?t=8513
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •