Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Legal Aspect of Pentesting / CyberCrime Treaty

from [Jerome Athias] Network Security [Permanent Link]
Subject: Re: Legal Aspect of Pentesting / CyberCrime Treaty
Date: Wed, 27 Sep 2006 13:38:41 +0200
Christoph Puppe a écrit : 
Salve,

in Germany we are about to implement the cybercrime treaty in local law
with the number § 202 c. This change will make the possession, trafficking,
making available and producing of tools with the *intention* for hacking
and snooping traffic an offense punishable with up to a year in prison.

My questions for the list:

# does your country has implemented this treaty as well?
# what was your experience?

In my understanding, if we may not publish exploits to the web in general
anymore, we need new ways to trade them. The bad guys will do this as they
have always done. Now the professional pentesters need a B2B platform to
get this tools of the trade. The AV guys have done this right from the
start, with closed groups for exchange of new malware.

In the hope for a fun discussion!

Hi,

this law exists in France and is called the "LEN" (Loi sur l'Economie Numérique) (it has 1 or 2 years)
It's also forbidden to disassemble a soft...

you're right and i think the same thing!

If bad guys can't publish an exploit publicly, some options are iDefense or ZDI... or the mafia...
i don't think it's good

/JA

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Old @Stake Tools, s-williams
Next by Date:  Re: Old @Stake Tools, Roberto Tanara
Previous by Thread:  Legal Aspect of Pentesting / CyberCrime Treaty, Christoph Puppe
Next by Thread:  XML Port Scanning, Colin Wong
Indexes:  [Date] [Thread] [Top] [All Lists]