|
General
|
|
Written by Daniel
|
|
Thursday, 23 August 2007 12:46 |
Hacking Germany's New Computer Crime Law
German and US researchers lay low, question just how far new law will go
AUGUST 22, 2007 | 5:44 PM
By Kelly Jackson Higgins
Senior Editor, Dark Reading
Be careful what you joke about at the water cooler in Germany these days -- even a dig about a password stuck to a PC monitor could be considered breaking a new anti-hacker law that went into effect this month.
Under the new law, such a joke could be construed as making the password "accessible." And that's just the beginning. If a customer tells a sales clerk at a German office supply store that he's going to use his newly-purchased Windows XP software to hack into a bank, the clerk could get busted for selling him the OS.
These are the types of extreme scenarios being played out over and over by German security vendors and researchers who are still trying to figure out just what the controversial new Section 202c StGB of the country's computer crime laws really means to their business and their research.
Many security people say the law is so flawed and so broad and that no one can really comply with it. "In essence, the way the laws are phrased now, there is no way to ever comply... even as a non-security company," says researcher Halvar Flake, a.k.a. Thomas Dullien, CEO and head of research at Sabre Security.
"If I walked into a store now and told the clerk that I wish to buy Windows XP and I will use it to hack, then the clerk is aiding me in committing a crime by [selling me] Windows XP," Dullien says. "The law doesn't actually distinguish between what the intended purpose of a program is. It just says if you put a piece of code in a disposition that is used to commit a crime, you're complicit in that crime."... More
Comment in the Forums. |
