Cenzic 232 Patent
Paid Advertising
web application security lab

New Ban Proposed In UK Against Hacker Tools

There is some interesting commentary on The Register and even better detail on Light Blue Touch Paper about a proposed ban in the UK against dissemination and the eventual use of hacking tools. So if you run a site out of the UK with worm code on your site, that can be used to commit a crime, you should pay attention to whether this law is passed or not.

I suppose it’s not dissimilar from putting a handgun in a schoolyard although it’s really hard to tell intent in either case. Often times the research done on this site and others of it’s kind are academic and are helping to solve the problems. Granted that same information can empower less scrupulous types, so that’s at least partially the intent of the law. However, I would bet money that this does little, if anything, to stop the proliferation of exploitation materials. This will no doubt simply force hackers to move their equipment offshore or go more underground - which could be bad for investigators, and for researchers alike.

6 Responses to “New Ban Proposed In UK Against Hacker Tools”

  1. thrill Says:

    Yes! That must be the answer to all the world problems. Hide the information from the public so that only those with bad intentions and those who do not mind being branded criminals have access to this information. That should take care of all the worlds problems.

    Too bad they didn’t think of this approach back in the 1940’s when Nuclear research was just beginning.

    –thrill

  2. MO Says:

    Isn’t this a P.R. issue? Rather than calling it Hacking tools can’t we say Pen testing tools, Defensive strategy tools, etc, etc, etc

  3. ChosenOne Says:

    We do have this ban in Germany, since (I think) Mid 2007 or so. You are not allowed to use, own, produce, etc. “hacker tools”, i.e. software that *can* be used to do harm. This does not affect tools like nmap (I suppose), but it’s hard to write an advisory without trying to write a PoC.
    Sucks hard, imho.
    I guess it’s only politics: “Oh, the government is doing something against hackers. My Computer will be so much safer.”
    However you can get some kind of lincense from the “federal office for it-security” (Bundesamt für Sicherheit in der Informationstechnik, www.bsi.de), if you’re a security-guy. But that’s ridiculous :)

    P.S.: I think the UK government will enact this law…actually I’d bet :)

  4. av Says:

    In a schoolyard? More like leaving a handgun in a back alley under a trashcan. Only people who know where they’re looking will find it. A high % of those people will be ‘whitehats’ (if you believe in that white/blackhat terminology - I don’t). You make it sound like we’re spamming disney.com messageboards with the anarchists cookbook.

  5. RSnake Says:

    @av - Hahah - It was perhaps a bad analogy. Not that kids could use the anarchist’s cookbook very easily either, which adds fuel to your argument.

  6. Jon A. Longoria Says:

    @ChosenOne

    I heard about that ban earlier in the year, although, I thought that ban was in regards to tools used to monitor or manipulate RF transmissions and it’s security measures (i.e. NetStumbler type of applications)? Does it really apply across the board? I wasn’t aware of that, I just remember a developer taking his tool offline so he didn’t end up in the pokey. I guess I have something to Google tonight, lol.