Legal disassembly

Legal disassembly
Mark Rasch, 2005-08-22

When security researcher and ISS employee Michael Lynn went to give a presentation at the Black Hat conference in Las Vegas, little did he know he would ignite a legal firestorm questioning whether even the act of looking for security vulnerabilities violates the law.

Expand all | Post comment

Legal disassembly 2005-08-22
Anonymous

Legal disassembly 2005-08-23
Anonymous (1 replies)

Re: Legal disassembly 2005-08-29
Mark D. Rasch

Legal disassembly 2005-08-23
Anonymous (1 replies)

Re: Legal disassembly 2005-08-23
Anonymous

Legal disassembly 2005-08-23
Anonymous

Legal disassembly 2005-08-23
Coujou

In France, such resarch is prohibited since a few months unless you have a "legitimate reason" to look for vulnerabilities. of course, the notion of "legitimate reason" is hard to define and it is the judge duty to decide if you were acting badly.

This means that if you find a vulnerability that can harm a company (and as a matter of fact, every vulnerability does) you're screwed.

This law was named "law for a trustworthy digital economy". No need to say that the security of consumers was not the main concern here.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/349/32269#32269

Legal disassembly 2005-08-24
Anonymous

Legal disassembly 2005-08-25
Anonymous

Legal disassembly 2005-08-30
Alexey Vesnin

Legal disassembly 2005-11-22
squeak