This has been floating around for a while and you might have noticed a warning on some German based security sites that they’ve had to move their tools due to this new legislation known as 202(c) – a couple of examples are KisMAC and Phenoelit.
Basically the new law prohibits manufacturing, programming, installing, or spreading software that has the primary goal of circumventing security measures is, which means that some security scanning & hacking tools might become illegal.
Security researchers in Germany continued to pull down exploit code from their sites last week, scrambling to comply with a German law that makes illegal the distribution of software that could be used to break into computers.
The German law — referred to as 202(c) — went into effect on Sunday. Many experts have complained that the language of the law is very unclear, but a strict reading appears to make illegal the distribution, sale and possession of security tools which could be used to commit a crime.
In the latest move, PHP security professional Stefan Esser removed on Friday all exploit code from his Web site dedicated to the Month of PHP Bugs. While reasonable prosecutors would not likely pursue security researchers, the risk is too great, Esser stated.
Source: Security Focus
It’s a pretty worrying state of affairs. It means under strict enformencent the majority of Linux distributions are now illegal in Germany as they tend to include nmap by default!
I also believe it could back-fire causing more problems that solutions.
Germany’s new antihacker law could open the door to more cybercrime and not less, security experts warn.
The legal uncertainty created by the new law will make the work of security experts in Germany more difficult, according to Müller-Maguhn.
“The law is counterproductive,” said Marcus Rapp, product specialist at the German subsidiary of Finnish security vendor F-Secure. “It will make the security situation worse, not better.”
Rapp is concerned about what he calls the law’s “broad interpretation” of hacking and the legal uncertainty it creates.
Interesting stuff…and I really doubt they are going to reverse it.
Let’s just hope no other countries follow suit with such retarded laws.
There’s also a very interesting article on the whole matter by Dark Reading here:
You can read what Computer Chaos Club says about it (CCC) here [German].
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- German Police Creating Law Enforcement Trojan
- UK Government Set to Make ‘Hacking Tools’ Illegal
- UK Has The Worst Internet Security In Europe
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,133,877 views
- Hack Tools/Exploits - 577,267 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 411,937 views