« UN Hacked via SQL Injection | Main | WASC Announcement: Web Application Security Scanner Evaluation Criteria Call for Participants »

German sites close, as anti-hacking law arrives

"Security researchers in Germany continued to pull down exploit code from their sites last week, scrambling to comply with a German law that makes illegal the distribution of software that could be used to break into computers.

The German law -- referred to as 202(c) -- went into effect on Sunday. Many experts have complained that the language of the law is very unclear, but a strict reading appears to make illegal the distribution, sale and possession of security tools which could be used to commit a crime.

In the latest move, PHP security professional Stefan Esser removed on Friday all exploit code from his Web site dedicated to the Month of PHP Bugs. While reasonable prosecutors would not likely pursue security researchers, the risk is too great, Esser stated.

"The big problem is that the (law) is not clearly written; it allows too much interpretation," Esser stated in the comments to the post. "While our government says that they do not want to punish, for example, hired penetration testers, this is not written down in the law."

Story Link: http://www.securityfocus.com/brief/567


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!