Technical explanation of the problems with the proposed cybercrime legislation
General problems
- Locally limited: attackers from foreign countries are not affected by the legislation, but residents are deprived of their ability to defend themselves by finding and fixing the flaws first.
- Does not help against IT security problems. Only regular audits and clear security and incident-handling concepts actually help.
- With a tiny number of exceptions, tools are not specifically designed to be used for good or bad purposes. Just like guns, so-called «hacker tools» can be used for good or bad purposes — for attack or defense.
- Legal uncertainty rises significantly because the formulations lack clarity. (EU style legislative quality.)
- Some of the affected tools are frequently used for detecting and fixing problems in regular networks (e.g. tcpdump, sniff, wireshark etc. for debugging MSS problems and other types of communication errors).
- Example Germany: there was a mass exodus of IT security service providers, followed by security incidents at Government level and in large corporations involving personal data on a large scale.
- What is the point of the on-call service of the Federal Police?
- Should the Federal Government take the position of an on-call service provider? Why not let the existing IT security industry handle it?
- Reactive, not proactive: the provisions only handle the case where an incident has already occurred. At that point, damage has already been done and data has potentially been lost. This is not in the interest of the company, the consumers, or society as a whole.
- …
$Id: technical.html,v 1.1 2009/07/26 23:24:30 tonnerre Exp $