
SoylentNews is people

posted by martyb on Saturday November 05 2016, @03:19PM
from the I-wasn't-hacking...-I-was-*testing* dept.

In the cybersecurity world, the law doesn't always treat the good guys like good guys.

As Harley Geiger put it in a talk titled, "Fighting for Legal Protection for Security Researchers" at UNITED2016, the Rapid7 Security Summit, the vast majority of independent research into the security of consumer and commercial products, "doesn't seek to undermine IP (intellectual property) or safety of products. It helps us keep ahead of those who do seek to do harm."

Yet laws at both the federal and state level, "tend to undermine that," he said.

Geiger, director of public policy at Rapid7, cited laws like the Digital Millennium Copyright Act (DMCA) and Computer Fraud and Abuse Act (CFAA), which he said in crucial areas fail to allow for a distinction between researchers, who are simply trying to improve cybersecurity, and criminal hackers.

The story goes on to reference how the Librarian of Congress has allowed a temporary reprieve (as we covered in "It's Finally Legal to Hack Your Own Devices (Even Your Car)"). But, as much as that may improve things for the time being, it falls short of what is really needed for security professionals to examine and test systems.

So, how can a white hat work in a responsible way that is distinguishable from a black hat who, when caught, only claims he is a white hat?


This discussion has been archived. No new comments can be posted.
  • (Score: 2) by Runaway1956 (2926) on Saturday November 05 2016, @05:27PM (#422884)

    There probably aren't a lot of "white" hat hackers. Most of them are gray. For that matter, there are probably fewer black hats than people think. (first we have to discard the public perception that all hackers are evil - FFS the media has gone crazy with that) Some are just darker gray, others are lighter gray.

    The need to distinguish between those various shades is a real need. But gubbermint isn't interested in making any such distinction. If you do ANYTHING the government dislikes, you're facing eons in prison - like ten thousand consecutive life sentences.

    Just the threat is enough to make a reasonably light shade of gray commit suicide.
    http://www.zdnet.com/article/hacker-activist-aaron-swartz-commits-suicide/
