Slashdot Mirror

← Back to Stories (view on slashdot.org)

EU Ministers Seek To Ban Creation of Hacking Tools

Posted by CmdrTaco on from the oh-yeah-that'll-work dept.

alphadogg writes "Justice Ministers across Europe want to make the creation of 'hacking tools' a criminal offense, but critics have hit back at the plans, saying that they are unworkable. Ministers from all 27 countries of the European Union met on June 9 to discuss European Commission proposals for a directive on attacks against information systems. But in addition to approving the Commission's text, the ministers extended the draft to include 'the production and making available of tools for committing offenses.' This is problematic, as much legal and legitimate software could be put to criminal use by hackers. The draft mentions 'malicious software designed to create botnets or unrightfully obtained computer passwords,' but goes no further in attempting to clarify what 'tools' might be subject to criminal sanctions."

8 of 248 comments (clear)

  1. Don't worry... by Anonymous Coward · · Score: 5, Insightful

    They'd never abuse this law by using it against people using legitimate software for legitimate purposes.

  2. Pointless and harmful by Ptolom · · Score: 5, Insightful

    You can't just ban software. There is absolutely no practical way to stop people from sharing code, and there fucking shouldn't be. If you ban these tools, the only people seriously affected will be the white hats.

  3. "Hacking Tools" by bsDaemon · · Score: 4, Insightful

    They mean "hacking tools" like tor and pgp/gpg, right? Of course, first they'll come for metasploit, then nmap, then... but we all know what the end game is.

  4. Ok buddy.... by PPH · · Score: 5, Funny

    Put that compiler down and step back. Slowly!

    --
    Have gnu, will travel.
  5. Re:text editors, compilers by Anonymous Coward · · Score: 5, Interesting

    Penetration testing is a necessary application hardening process that depends on access to the SAME TYPE OF TOOLS that black hats use to break an application. Think of it like viral inoculation: You need some of the enemy code in order to build an effective defense.

  6. In other words... by PoochieReds · · Score: 4, Insightful

    "Let's ensure that only those willing to break the law will have access to these tools."

  7. Re:So only criminals will have hacking tools by NotQuiteInsane · · Score: 3, Informative

    If you've got a steel-backed IBM Model M, it already is.

  8. Re:Script kiddies suppliers by Opportunist · · Score: 5, Insightful

    That's maybe what they have in mind, unfortunately that's not what they have in the law proposal.

    That's the problem here, politicians try to make a law concerning something they don't even have the foggiest clue about. They imagine some CSI-esque "click here for big kaboom" Flashgame interface, but the law they propose would hit a lot of tools used to actually secure networks. The problem here is that the same tools that tell me whether I'm secure (from nmap to wireshark) are also the tools used to compromise that security. Making the tool illegal and not the use is a slippery slope at best.

    "If you outlaw X, only criminals will have X" has rarely been more apt than this time. Because if I'm out to break a much more serious law, why'd I bother to worry about illegal possession of the tool? If I planned to rob a bank, would I care about illegal possession of firearms? If I wanted to hack the European Central Bank, would I worry about the slap on the wrist I'd get if I was found in the possession of nmap? If I want to secure my network, I certainly WILL worry about that slap, because my job as CISO hangs on my police record being spotless.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.