You can't secure what you don't acknowledge.SM

Friday, June 17, 2011

Hacking tools & malware creation illegal - what's next?

With all the criminal behavior taking place on computers around the world, it appears that politicians are seeking some solutions. For instance, European Union Justice Ministers are proposing a ban on hacking tools. I suspect this law will work just as well as gun laws in the U.S. Simply criminalize the inanimate object (or code) and only the law-abiding citizens will comply. It creates the perfect storm for criminals to be able to continue doing what they do.

Furthermore, an unintended consequence of such tools being banned and kept from legitimate use like in the independent security assessment work that I and many of my colleagues do, then businesses in general suffer.

The burning question is: who decides what hacking tools really are? Are they password crackers? Vulnerability scanners? Perhaps Web browsers in general? I suspect they'll have a panel of ignorant bureaucrats making the call like what our "leaders" here in the U.S. (Obama, Pelosi, etc.) envision with their ObamaCare death panels. Government knows best.

On a related note, just today the Japanese parliament enacted legislation that criminalizes the creation of malware. Is this any different? It can certainly be argued that malware serves no purpose other than to do harm. Of course, many people around the world believe the same thing about guns owned and used for the sole purpose of self-defense.

It's a complicated world we live in...what to do now?

No comments:

Post a Comment