Back to the article
View the full discussionmisinformation, gossip, lack of foreign language skills, etc.
I can understand that ZDNet and other superficial news outlets make money mainly by spreading rumors, but i'd have thought the Register would do some serious investigating before claiming that the law indiscriminately criminalises the creation, possession, or even use of dual-use security tools.
Maybe the problem is that almost no English speakers speak German (or any other foreign language) and that even most English-speaking journalists(!) don't speak German. And German politicians haven't had time to explain the new law to the rest of the world since even most Germans, even and especially geeks, haven't yet understood or wanted to understand it and/or want to disparage the law because it restricts their self-proclaimed "right" to enter other people's computers and/or because they love bashing Germany...
The main problem is that the Internet started out and is still a Wild West and that the technology involved makes simple things look complicated and/or lets "experts" make it look complicated to normal users. Very few people would claim that it should be legal for people to try to physically break into businesses or that this would help prevent crime. Even if hordes of people were running around at night getting kicks and "glory" by trying to break into businesses, no amount of security experts could confuse normal people into believing this is a good idea. Normal users are beginning to understand enough about computers to see that most of the experts claiming the same kind of nonsense about attempts to break into business ICT networks are emperors without clothes. No wonder the politicians are finally doing something to clean up the mess that produces incredible profits for the security industry...
http://www.gruene-bundestag.de/cms/default/dok/185/185882.gesetz_zur_computerkriminalitaet.htm
Nun ist klargestellt: es werden nur solche Computerprogramme erfasst, die in erster Linie dafür hergestellt wurden, um damit Straftaten zu begehen. Dass sich ein Computerprogramm dazu lediglich "eignet", reicht nicht, um eine Strafbarkeit zu begründen - es muss sich der Sache nach um "Schadsoftware" handeln. Diese Klarstellung macht deutlich: dual-use-tools werden von der Strafnorm nicht erfasst, ihre Entwickler werden nicht kriminalisiert. Auch der branchenübliche befugte und gewollte Einsatz von Computerprogrammen durch Netzwerkadministratoren, mit denen diese z.B. die Sicherheit von eigenen oder Kundendatennetzen prüfen wollen, wird von der Strafnorm nicht erfasst. In Zweifelsfällen wird helfen, dass es sich um ein Antragsdelikt handelt - ohne Strafantrag des betroffenen Datennetzinhabers ist also ein Strafverfahren ausgeschlossen. Darüber hinaus war für uns Grüne die Klarstellung wichtig, dass das Gesetz in erster Linie auf professionelle Anbieter abzielt.
