[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040403225951.GA3424@nessus.org>
Date: Sun, 4 Apr 2004 00:59:51 +0200
From: Renaud Deraison <deraison@...sus.org>
To: Chris Wysopal <cwysopal@...take.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
On Sat, Apr 03, 2004 at 08:42:52PM -0000, Chris Wysopal wrote:
> In-Reply-To: <20040402143855.27920.qmail@....securityfocus.com>
> Googling and translating the law gives this:
>
> http://www.iris.sgdg.org/actions/lsi/evol/art35.html
>
> After article 323-3 of the penal code, it is inserted article 323-3-1 thus
> written:
>
> "Art. 323-3-1. - The fact of offering, of yielding or of placing at the
> disposal a data-processing program conceived to commit the offences
> envisaged by articles 323-1 to 323-3 is punished sorrows planned for the
> infringement itself or the infringement most severely repressed "
This is inaccurate - the link you gave comes from the initial version
of this article, which has been modified since then.
This article now reads (roughly translated) :
"Art. 323-3-1. - The fact of offering, of yielding or of placing at the
disposal a data-processing program conceived to commit the offences
envisaged by articles 323-1 to 323-3 is punished sorrows planned for the
infringement itself or the infringement most severely repressed "
This article is not applicable when the offering, the yelding or
the placing at disposal is justified by the needs of scentific or
technical research or by the needs of the security or protection
of communication networks or information systems"
[http://www.telecom.gouv.fr/internet/projet_len.html]
Of course, the "needs" in question are a purely subjective notion,
which means that if a french citizen publishes an exploit,
he must expects to argue in front of a judge why doing so was
needed.
-- Renaud
Powered by blists - more mailing lists