Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Law May Criminalize IT Pros

Posted by ryuzaki0 on from the just-doing-my-job dept.

An anonymous reader writes "More worrying news from the UK. This time, a bill meant to fight cybercrime may make it illegal to use or make available network security tools available, just because they could be used by hackers." From the article: "Clayton cited the Perl scripting language, created by Larry Wall in 1987, as an example of a useful technology that could fall foul of the law. 'Perl is almost universally used on a daily basis to permit the Internet to function,' said Clayton. 'I doubt if there is a sysadmin on the planet who hasn't written a Perl program at some time or another. Equally, almost every hacker who commits an offense under section 1 or section 3 of the CMA will use Perl as part of their toolkit. Unless Larry is especially stupid, and there is very little evidence for that, he will form the opinion that hackers are likely to use his Perl system. Locking Larry up is surely not desirable.'" A note that this is equally confusing but separate from yesterday's story about the UK government wanting private encryption keys.

12 of 514 comments (clear)

  1. Do I see a pattern? by alx5000 · · Score: 5, Funny

    From the country that criminalized privacy:

    Let's convict Perl users.

    I also heard that something called TPC or TCP is widely used by hax0rs to pwn remote servers. Wait till the UK Government can get their hands on it...

    --
    My 0.02 cents
    1. Re:Do I see a pattern? by Tackhead · · Score: 5, Funny
      > From the country that criminalized privacy:
      >
      >Let's convict Perl users.

      First they came for the COBOL programmers, and I was silent,
      Because ADD KEYSTROKES TO SYNTAX GIVING OBFUSCATION was always lame.
      They they came for the BASIC programmers, and I was silent,
      Because I considered GOTO harmful,
      Then they came for the C++ programmers, and I was silent,
      Because I could still write FORTRAN in any language,
      Then they came for the Perl programmers, and now the only way I can win an obfuscated programming contest is to write it in APL.

      (First they ignore you, then they fight you, then they mock you, then they come for the Brainf*ck programmers and their heads explode.)

  2. it's the nature of these tools by yagu · · Score: 5, Insightful

    Just as these tools are useful diagnostic tools they are also handy tools for commiting crimes as described under this proposed law. That's the nature of networks and tools to manage them. To deem these tools and availability of such a crime because they could be used to commit a crime is insane.

    This is akin to the recent proposal that all encryption key owners make their keys available to law enforcement. The expected eventual end result will be cautious users relinquishing valuable resources with criminals holding the trump card. This too is insane.

    So, when an administrator gets the call to investigate what appears to be suspicious behavior, where do they go to troubleshoot the problem? Heck, peel away all the layers of this onion and it wouldn't be surprising to find hackers are behind this... get the government to suspend priveleges using FUD, and run rampant over the network infrastructure.

    There is a hint of sanity from the article:

    People who distribute networking vulnerability scanning tools such as nmap or Nessus could also be caught up in part (b), Clayton warned.

    "The effect will be that people will stop offering these tools on their sites. Why should the only place to fetch Perl and nmap be from hacker sites in Eastern Europe, where the risk is that they carry Trojans? This makes the Internet less safe," argued Clayton.

    I only hope the government will listen to that reasoning.

    1. Re:it's the nature of these tools by Jazzer_Techie · · Score: 5, Funny

      I think the issue is that Perl code can be classified as a form of encryption.

    2. Re:it's the nature of these tools by Khomar · · Score: 5, Insightful

      If you replace the software with guns, you will begin to understand the position of those who want the right to bear arms (modifications have been made).

      This is akin to the recent proposal that all gun owners give their guns to law enforcement. The expected eventual end result will be cautious users relinquishing valuable resources with criminals holding the trump card. This too is insane.

      Can guns kill people? Sure they can, but so can many other things that the typical person owns (knives, drills, cars). Guns are also tools, and used well they can be of great help. Many families in my area (Montana) rely upon guns for hunting to support their families (cheap meat). Unfortunately, hunting rifles fall into the category of a "sniper rifle" which comes under attack as an unnecessary weapon. And do not underestimate the value of having a weapon for self defense.

      --

      I believe in de-evolution. God made the world perfect, man fell, and its been going downhill ever since!

    3. Re:it's the nature of these tools by Mistshadow2k4 · · Score: 5, Interesting

      Hmmm, I have to respectfully disagree. Guns are made to be able to kill, whether in self-defense or not. This proposed law is more like outlawing surgeon's knives because Jack the Ripper (supposedly) used one, never mind that surgeons use them to save lives; network tools are used to hack networks but are also used to secure them. That's the most apt comparison I can think of.

      --
      I dream of a better world... one in which chickens can cross roads without their motives being questioned.
  3. Using Perl Should Be A Crime by Geldon · · Score: 5, Funny

    ... Or at least forcing someone to debug it should

  4. Well then... by eosp · · Score: 5, Insightful

    Let's ban the English language because you can discuss crimes with it.

  5. This is great news for India! by Anonymous Coward · · Score: 5, Insightful

    This sort of news is great for nations like India, Singapore and Malaysia. The more the Western world places completely unnecessary and unjustifiable limits on its use of such technology, the better off the non-Western nations are.

    A strong economy, and the higher quality of life it may bring, depends heavily on innovation and progress. That is clearly being hindered by those who support such legislation. Companies won't be able to take advantage of the productivity gains one gets from using the technology that may be restricted.

    In the end, it comes down to a matter of freedom. Those nations who are now free to innovate will do so, and will eventually prosper. Those who seek restrictive legislation over free innovation will see their wealth and standard of living decline rapidly.

  6. Doesn't make sense... by gmiley · · Score: 5, Insightful

    To compare this to another industry:

    Person 1: Hi, I make hammers, would you like to buy one? You can use them to "hammer" nails into things, really quite nice for building houses and such.

    Person 2: Wow, this is nice. I'll take one!

    Law: Woah woah woah! Hold on right here... This "hammer" you got here... yeah well that can be used to bash someone in the head, so... it's now illegal, you'll have to come with me now. That's right, hands behind your back.

    I've never understood the idea that because a tool can be used to commit a crime, that it inherantly makes the tool evil.

  7. It's easier to fight the tool than the person by MikeRT · · Score: 5, Insightful

    Leftist leaders even more than right wing leaders tend to have a hard time accepting the fact that you can do bad things with different tools. They also have a hard time blaming the person for their use of it. Conservatives do it with drugs by blaming the drugs for the armed robbery to feed the habit. Leftists do it with weapons. It's easy to blame a drug, a gun or a scripting language for a crime. It allows you to not be "judgemental" toward a person who is just an asshole. Neither side likes to admit that these things are totally the person's fault, derived from some inner flaw in the person's character that causes them to get high and rob, shoot to murder someone or hack to steal a person's money.

  8. Bans Nmap Too by fv · · Score: 5, Insightful

    TFA also states that "People who distribute networking vulnerability scanning tools such as Nmap or Nessus could also be caught up in part (b), Clayton warned.". A quick reading of section 41 seems to bear that out. As author and maintainer of the Nmap Security Scanner, I am more than a little concerned.

    I'm certainly not going to let anything as silly as some U.K. law stop me from distributing Nmap, but I also don't want to become like Dmitry Skylarov the next time I give a presentation in England. And even if (as I would expect) the rest of the world ignores this, it could have a chilling effect on important security tools and research from U.K. citizens. Think of all the good research and tools that David Litchfield from London (NGS Software) has brought us. And my London friend Hoobie brought us the free Brutus password cracker, which appears to be prohibited by this bill.

    The good news is that this is just a proposal. So I would join the chorus in urging our British friends to make their voice heard against this silly bill.

    -Fyodor
    Insecure.Org