Home
       News
       Features
       Feedback
       Link to us
       Report abuse !
       German Aid for Afghan Children
          Dr. Reinhard Erös Books

Blogs
       View All Recent Entries
       Fridays' Swyx Tip
       Marcus Blog
       Marks Blog
       Martin's Blog
       Mortens Blog
       Ralf's Blog
       Swyx-o-holic's Blog
       Tom L's Blog
       Tom's Blog

Downloads
       Server Tools
       ECR Scripts
       Client Tools
       Client Skins
       Miscellaneous

Forums

Projects
       Call Routing Extensions
       Conference Room Manager
       IpPbx Import RR
       IpPbx Powershell Module
       iQueue (Swyx Forum Edition)
       Open Queue
       ServerState
       SwyxIt! Gadget
       SwyxIt! Web Extensions
       WebCDR for SwyxWare

SwyxPEDIA
       General
       SwyxWare Configuration
       SwyxIt! Configuration
       SwyxPhone Configuration
       SwyxConnect Configuration
       SIP Device Configuration
       Network Device Configuration
       SwyxWare Resources
       SIP Provider
       SwyxWare Development
       SwyxIt! Development
       Swyx The Lighter Side

Resources
       Glossary
          .NET Framework
          BRI
          CCITT
          CDR
          Centrex
          CID
          Codecs
          COM
          CPE
          CSID
          CSTA
          CTI
          DCOM
          DECT
          DHCP
          DID/DDI
          DNS
          DTMF
          Echo cancellation
          ENUM
          Extension
          Firewall
          FTP
          FXO
          FXS
          G.711
          G.723
          G.729
          GAP
          GPRS
          GSM
          H.245
          H.323
          Hunt Group
          ICMP
          IEEE 802
          IEEE 802.11
          IMAP4
          IP
          IPPBX
          IPsec
          ISDN
          ITSP
          Jitter
          Latency
          LDAP
          MAC address
          MAPI
          MP3
          NAT
          NetBIOS
          PBX
          POE
          POTS
          PPP
          PPTP
          PSTN
          QoS
          QSIG
          RDP
          Router
          RPC
          RSVP
          RTCP
          RTP
          RTSP
          SCTP
          SIMPLE
          SIP
          SIP Trunk
          SMTP
          SNMP
          SNTP
          SRTP
          SSL
          STUN
          Subnetwork
          Switch
          T.30
          T.38
          TA
          TAPI
          TCP
          Trunk
          TSID
          TTS
          TSP
          UDP
          UMTS
          URI
          Up0
          USB
          VBScript
          VLAN
          VoIP
          VPN
          WAP
          WAV
          Wi-Fi
          WLAN
          WMI
          WSE
          DMZ
          LAN
          E.164
          Hub
          Ping
          RTT
          IPv4
          IPv6
          TFTP
          Wireshark
          Traffic Shaping
          Packet loss
          MOH
          ACD
          G.722
          ISA
          AD
          Skin
          WAN
       Links
       Reviews
          Mobile Extension Manager (MEM)
       Screencasts
          ambiLOG v3.0
          ITNW Custom Bubble
          LDAP / Excel Import Tool
          SwyxIt! Gadget
          Video Conferencing

List of Blogs

	View All Recent Entries
	Fridays' Swyx Tip
	Marcus Blog
	Marks Blog
	Martin's Blog
	Mortens Blog
	Ralf's Blog
	Tom L's Blog
	Tommy's Blog
	Tom's Blog

Search Blogs

Keywords
Phrase

Blog Archive

Most recent blog entries

Security, what security?

aug22

Written by:morten.rokosz
Wed, 22 Aug 2007 09:11:21 GMT

Soon a new law will hit the German security market hard.

Sometimes things are going really bad. Even if you meant well, the effect of what you decided might have consequnces you never anticipated.

This is what seems to be the case for the law-makers in Germany these days. The new law forbids on a general basis unauthorized access to IT-systems, and all types of tools use for hacking is also forbidden.

Sounds good, right? Well it is not. The law will actually make it a crime to do the research necessary for the security companies to improve their products and understand an attack. So the situation might be that the good guys is also hurt by this. After all I thought unauthorized access to IT-systems already was forbidden, and no one really asked for permission to attack anyway.

Without the possibility to do constructive hacking, it will be very difficult to discover security flaws before they are exploited. This situation is so serious that a lot of security experts working in German security companies may leave the country. Or at least the threat to do so.

Even research in closed networks will be illegal, becasuse the tools used for this are covered by the law.

The worst part is that this might become an EU directive some day. This is a textbook example of good intention turning out to have the exact opposite effect.

Trackback Print

Location: Blogs

Mortens Blog

Tags:

2 comment(s) so far...

Re: Security, what security?
Yes, the new law got a lot of press coverage lately. The problem is that the paragraph in question is phrased very generally. It is unlikely that a software company or admin will be sentenced for creating or using tools like port scanners, but the risk of an expensive lawsuite is enough for some security companies to consider leaving Germany. And the risk of a lawsuite might keep administrators from using such tools. The result is much less security :-(

By Martin on Wed, 22 Aug 2007 09:30:55 GMT

Re: Security, what security?
So it is a question of time when such useful services like

http://www.heise.de/security/dienste/portscan/text/portscan.shtml

will be switched off. Fortunate the heise publishing company has a good law department and is willing to question IT related laws in Germany if necesseary

By Ralf on Wed, 22 Aug 2007 10:10:29 GMT

Blog Help

Stay up-to-date
Write own your Blog
Usage of Windows Live Writer
Report Abuse