WassenaarArrangement
Latest
US backpedals on plan to regulate hacking software
After a huge outcry from the security community, the US government will re-write proposed regulations on software used to hack smartphones and computers, according to Reuters. The Department of Commerce wants to heavily restrict the development and testing of exploits, zero-days and other intrusion software, which sounds like a good thing on the face of it. However, security professionals discovered that it would've severely limited, and possibly even criminalized, research into surveillance software. That might have made internet security worse than ever by keeping such exploits confined to the black market.
Weaponizing code: America's quest to control the exploit market
When the US Bureau of Industry and Security published how it plans to implement the sections on hacking technologies in a global weapons trade pact called the Wassenaar Arrangement (WA) last week, it ignited an online firestorm of meltdowns, freakouts, and vicious infighting within the most respected circles of hacking and computer security. That's because the new rules change the classification of intrusion software and Internet Protocol (IP) network communications surveillance -- setting in motion a legal machine that might see penetration-testing tools, exploits and zero-days criminalized. Some suggest the new classifications also seem designed to give the US a market advantage over the buying, selling, import and export of certain tools used in cyberwar -- a currently black market, in which the US government is already the biggest player.
