Proposed German law a 'win-win' for black hats?

Experts critical of legislation that would ban hacker tools

By John Blau

September 21, 2006 12:00 PM ET

Recommended

IDG News Service - New legislation proposed by the German government aims to make computer hacking a punishable crime.

The draft law, announced Wednesday, defines hacking as penetrating a computer security system and gaining access to secure data, without necessarily stealing data.

As part of the draft, groups that intentionally create, spread or purchase hacker tools designed for illegal purposes could be punished by law, the Federal Ministry of Justice said in a statement.

Other punishable cybercrimes include denial-of-service attacks and computer sabotage attack on individuals, which would extend the existing law that limited sabotage to businesses and public authorities. Offenders could face up to 10 years in prison for major offenses.

Although Germany already has a comprehensive penal law against attacks on IT systems, the proposed revision aims to close any remaining loopholes, the ministry said.

Some security experts warn, however, that "good" hackers, also known as "white hats" who work for security companies, could be restricted in their ability to help software makers and businesses as a result of the proposed law.

If hackers can't share their tools with the public, "white hats will not be able to get them and use them internally for testing or external security consultants won't be able to do security testing," a hacker, known by the pseudonym van Hauser, wrote in an e-mail. "It's a win-lose law in favor for the bad guys."

Van Hauser is president of The Hacker's Choice, a noncommercial group of security experts.

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

white hat

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.