Germany Declares Hacking Tools Illegal 299
dubbelj writes "Germany has updated their computer crime law to declare 'hacking tools' illegal. This will place most of the professionals in the network admin and computer security fields in a sort of legal grey area. 'The new rules tighten up the existing sanctions and prohibit any unauthorized user from disabling or circumventing computer security measures to access secure data (see the law, sections 200 and following [in German]). Manufacturing, programming, installing, or spreading software that can circumvent security measures is verboten, which means that some security scanning tools might become illegal.' We discussed a similar measure in January when Australia considered the same kind of legislation. How will this affect Linux distribution in Germany, as most standard Linux distributions come with these kind of 'hacking tools' installed by default?"
Well... (Score:4, Informative)
Re:Lock Hacking (Score:5, Informative)
From the N.C. statute:
" 74F-2. Purpose.
Locksmiths have the knowledge and tools to bypass or neutralize security devices in
vehicles, homes, and businesses. The laws of this State do not protect citizens from the
unscrupulous use and abuse of this knowledge and these tools by persons who are
untrained or have criminal intent. Therefore, the licensing of locksmiths is necessary to
protect public health, safety, and welfare."
Regards.
Re:So.... (Score:5, Informative)
If I'm an admin, I'm probably authorized to test my own network's security. I hack and probe my server constantly to determine my own security. The real gray area is if I'm guilty simply because I possess these tools or if I'm unauthorized to do something with those tools.
Re:so, is gdb illegal now? (Score:3, Informative)
Re:Here's something legislators never learn (Score:3, Informative)
CCC Article + Babelfish + cleanup (Score:5, Informative)
May 25, 2007 (46halbe)
The Bundestag has today waved through, unchanged, a ban again computer safety tools (Bill for the change of Criminal law in order to fight computer criminality, new 202 StGB). Chiefly targeted is the manufacturing, programming, leaving (for someone), distribution, or procurement of software, which is urgently necessary for the daily work of network administrators and safety experts.
With this decision the delegates acted against the express advice given by experts from research and business to the committees consulting on the proposal. The law was also sharply criticised by the Internet economy sector and the Upper House of Parliament. With exception of the Party of Democratic Socialism and a lonely SPD delegate, the complete Great Coalition of the Clueless now voted to make Germany a professional disqualification zone for computer safety experts.
Through the markedly broad scope of the law, the possession, production and distribution of preventive tools with which to examine computer security will become punishable in Germany. These tools are, however, essential in order to ensure the security of computer systems. Banning this software is about as helpful as banning the production and the sales of hammers because sometimes these are also used to cause damages.
Andy Mueller-Maguhn, speaker of the Chaos Computer Club, commented: "banning the possession of computer safety tools leaves the door wide open for the use of Federal Trojans. Industry and citizens are systematically being robbed of the possibility of examining their systems adequately for security. This prohibition endangers the security of the German IT sector."
As the automobile industry makes its vehicles safer with crash tests, so does the computer industry test its system security through the controlled employment of attack programs. It will in future no longer be possible be to test sensitive computer systems for security in ways that are without a doubt legal.
At the yearly congress of the Federal Office for Security in the Information Technology (BSI), Minister of the Interior Schaeuble announced plans to certify "trustworthy" security providers. With this step, the abilities and knowledge necessary for effective safety examinations of computer systems shall apparently be monopolised by handpicked government suppliers, while the independent computer safety research can be selectively criminalised as desired.
CCC speaker Mueller-Maguhn added: "the explanations of the Minister of the Interior for computer security are pure lip-service. A legal and organizational framework is being systematically created here in order to make citizens and enterprises defenseless against computer attacks, industrial espionage and also Federal trojans. Safety research can take place only in an unacceptable legal gray area."
*N.B. "Bundestrojaner", which I've translated as Federal Trojans, are the programs the police/gov't use to search through people's computers remotely (newly legalised, or given greater scope, I believe)
Can't you guys read german? (Score:2, Informative)
http://www.bmj.bund.de/media/archive/1317.pdf [bmj.bund.de]
And the relevant words in english (my translation)
German penal code section 202c
Whosoever prepares a felony according to section 202a or section 202b by
Note: sections 202a and 202b are both about gaining access to data meant for somebody else.
Re:Bullshit law (Score:2, Informative)
not really. (Score:2, Informative)