I believe Germany passed a law about exploits and/or "security tools". Also in the UK, some of the amendments to the CMA has a statement about distributing "articles" which some believe also includes software. I don't know of any case in the UK though where someone has gotten into trouble with this. I *believe* it is taken pretty seriously in Germany though.
Having released a few Open Source tools myself, I can confirm that I've never had a legal threat of this nature. Although adding a disclaimer like Andres's is a wise move. On Fri, Apr 4, 2014 at 8:56 PM, Andres Riancho <[email protected]>wrote: > Software is SO different to a gun... you can't really compare them. > Real people will die in most cases when a gun is misused, only > electrons are disturbed (in the great majority of cases) if you misuse > a hacking tool. > > On Fri, Apr 4, 2014 at 3:50 PM, Not EcksKaySeeDee > <[email protected]> wrote: > > Re: Use of a disclaimer on these sort of tools (i.e., those that can harm > > and/or be used for good). > > > > Wonder if any gun dealer applied something similar in their shop, or for > > that matter, in a hardware store under the hammer section. > > > > > > On Fri, Apr 4, 2014 at 2:29 PM, Andres Riancho <[email protected] > > > > wrote: > >> > >> Hi. As w3af's project leader I've not received any legal threats over > >> the seven years this project has been alive. > >> > >> Only a couple of months ago, and just to be sure, I added this > >> disclaimer which users need to accept to run the tool. > >> > >> DISCLAIMER = """Usage of w3af for sending any traffic to a target > >> without prior mutual consent is illegal. It is the end user's > >> responsibility to > >> obey all applicable local, state and federal laws. Developers assume > >> no liability > >> and are not responsible for any misuse or damage caused by this > >> program.""" > >> > >> On Fri, Apr 4, 2014 at 7:58 AM, Bryan Bickford <[email protected]> > >> wrote: > >> > Greetings > >> > > >> > I am a security researcher who is working on a project in my free > time, > >> > without going into details - the project will end with a powerful tool > >> > being publicly released. > >> > > >> > Obviously most cyber security tools have the potential for abuse. What > >> > sort > >> > of legal hurdles (if any) do you need to overcome to protect yourself > >> > when > >> > releasing software along the lines of metasploit? > >> > > >> > _______________________________________________ > >> > Sent through the Full Disclosure mailing list > >> > http://nmap.org/mailman/listinfo/fulldisclosure > >> > Web Archives & RSS: http://seclists.org/fulldisclosure/ > >> > >> > >> > >> -- > >> Andrés Riancho > >> Project Leader at w3af - http://w3af.org/ > >> Web Application Attack and Audit Framework > >> Twitter: @w3af > >> GPG: 0x93C344F3 > >> > >> _______________________________________________ > >> Sent through the Full Disclosure mailing list > >> http://nmap.org/mailman/listinfo/fulldisclosure > >> Web Archives & RSS: http://seclists.org/fulldisclosure/ > > > > > > > > -- > Andrés Riancho > Project Leader at w3af - http://w3af.org/ > Web Application Attack and Audit Framework > Twitter: @w3af > GPG: 0x93C344F3 > > _______________________________________________ > Sent through the Full Disclosure mailing list > http://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
