"What if a Web researcher found a bug on your Website today — but was too afraid of the law to tell you?
The Computer Security Institute (CSI) recently formed a working group
of Web researchers, computer crime law experts, and U.S. Department of
Justice agents to explore the effects of laws that might hinder Web 2.0
vulnerability research. And the CSI group’s first report — which it
will present on Monday at CSI’s NetSec conference in Scottsdale, Ariz.
— has some chilling findings.
In the report, some Web researchers say that even if they find
a bug accidentally on a site, they are hesitant to disclose it to the
Website’s owner for fear of prosecution. "This opinion grew stronger
the more they learned during dialogue with working group members from
the Department of Justice," the report says. "
Article Link: http://www.forbes.com/technology/2007/06/08/cx_0608darkreading.html