Finding software errors and security problems on a web site can become a problem, not only for the site maintainer but also for the person who exposes the flaw. The CSI (not Crime Scene Investigation, but the Computer Security Institute) investigates how current laws increase the danger of being sued by site owners when somebody detects a vulnerability and talks about it. In fact, there are security researchers who don't inform the site maintainer for fear of prosecution. In a very true statement, CSI declares that laws prohibiting security tests will only hamper serious security researchers and not the black hats. CSI's next objectives include exploring disclosure policy guidelines and mirrored-site guidelines for Web site owners, as well as creating a list of research methods for lawmakers' understanding. (Source)
Compared to Germany's planned tightening of security laws, where the mere use of hacker tools will be punished, this still seems to be a comfortable situation to me.