Types of activities that will become illegal under the proposed laws include making or supplying “hacking tools”- computer programmes or code that can help crack passwords or bypass security systems – and will be punishable by up to two years in prison.
Isn’t this legitimate action for any security enthusiast, hobbiest or professional involved in penetration testing or vulnerability assessment?
The law will also be clarified to make it illegal to hamper the operation of a computer, closing a loophole that has made it difficult to prosecute hackers for so-called “denial of service” attacks in which hackers bombard a computer system with hundreds of thousands of requests for information over the internet, so the servers are overloaded and cannot function.
I mean laws are all well and good, but the politicians have to wary and make sure they aren’t hurting people in the wrong places.
A major problem with the UK law at present (which called for this revamp) is under UK law DoS attacks (Denial of Service) are not illegal.
It can cost online companies millions of pounds in lost business when their websites are unavailable, but laws are not clear on whether simply stopping a computer from working is illegal.
Jeremy Beale, head of e-business at the CBI employers’ group, said: “There have been very few prosecutions under the Computer Misuse Act to date, but the new laws could give security a wider currency with businesses.”
I agree we need to protect legitimate business, but please, be reasonable with the laws and don’t punish us who are trying to educate and secure the world.
Source: Financial Times