Stories
Slash Boxes
Comments

SoylentNews is people

Metasploit says Papers Please or Go Home!

posted by cmn32480 on Thursday April 23 2015, @10:06AM   Printer-friendly
from the try-try-try-and-try-again dept.

juggs writes:

Ripping a morsel of a meal from the talons of El Reg, we end up with something indigestible.

Rapid7, the flingers of the exploitation / testing framework that is Metasploit have revealed the effect of recent US regulatory changes via their blog.

A snippet:

Due to changes in regulatory requirements that are applicable to Metasploit (Pro and Community) and similar products, as of Sunday, April 19, 2015, individuals outside of the US and Canada who would like to use Metasploit Pro or the Metasploit Community Edition will need to request a licence and provide additional information regarding themselves or their organization designation.

In accordance with the new requirements, the request will be reviewed by Rapid7 and, unless the user is a non-US or non-Canadian government agency (or is otherwise ineligible to receive the products without approval from the US Department of Commerce), the request will be fulfilled.

This affects licence requests made through Rapid7.com as well as any third party sites that currently offer Metasploit Pro or Community products for download.

It seems we are yet again on the Magic Roundabout of encryption export controls and Clipper chip madness... who knows, maybe this time around it will be effective.

 
This discussion has been archived. No new comments can be posted.
Metasploit says Papers Please or Go Home! | Log In/Create an Account | Top | 19 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Informative) by cykros on Thursday April 23 2015, @12:53PM

    by cykros (989) on Thursday April 23 2015, @12:53PM (#174270)

    UNLESS the user is a non-US or non-Canadian government agency (or is otherwise ineligible to receive the products without approval from the US Department of Commerce), the request will be fulfilled.

    Doesn't sound like they're actually going quite as far as the old PGP restrictions did, wherein export was just banned, but it also doesn't sound like they've learned much about how software travels across wires that for whatever reason don't have any respect for where borders are since then. I suspect this will stop even fewer people than the PGP ban did, but it probably sure did help some politician look tough on hackers for his constituents.

    I think this may function more as a test. "If you can't figure out how to proxy into the US to acquire Metasploit, you're probably not qualified to use it in the first place".

    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 2) by frojack on Thursday April 23 2015, @05:06PM

    by frojack (1554) on Thursday April 23 2015, @05:06PM (#174358) Journal

    Doesn't sound like they're actually going quite as far as the old PGP restrictions did,

    Who is this THEY that you refer to?
    There has been no changes in US regulations.

    --
    No, you are mistaken. I've always had this sig.