Brilliant!

Well, the fallout from the German government outlawing hacking security tools (there is some vague wording about security professionals using them, but it's being reported that folks there aren't taking chances) has started already. According to the Security4All blog page, the KisMac project has shut down because of it and the Phoenolit project had to move offshore. (http://security4all.blogspot.com/2007/07/german-law-vs-security-tools-fallout.html). This reminds me of the controversy in the United States over gun control. Opponents say "If guns are outlawed, only outlaws will have guns". Same premise pretty much applies here. If the security tools we use to audit and lockdown our networks are taken away from us, we become inherently more insecure. Meanwhile, the Bad Guys will continue to utilize them. What do they care about another law? The end result of hacking is already illegal (accessing another network without permission, stealing, changing or removing data, etc.) Will this have any impact for good for the overall security posture of the Internet? I think not. Unfortunately the reverse will be the result. Let's hope this doesn't become a trend, and the good der Mensch of the German government come to their senses and revoke this law.