lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <D6F3BB1D-A71F-4021-A0D9-C2894FFD5F7B@owasp.org>
Date: Sun, 6 Apr 2014 17:55:36 -0400
From: Daniel Wood <daniel.wood@...sp.org>
To: Toni Korpela <admin@...fork.com>
Cc: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Subject: Re: [FD] Legality of Open Source Tools

Toni,

The English version has this information in Chapter 38, I didn't find it in a Chapter 34. 

The key to all this is the language of intent, using verbiage such as "aggravated", "unlawful", and "to cause detriment". This is the same as the United States and many other countries; if you don't have the intention to cause harm, it can be argued as a lack of 'mens rea' which is Latin for "guilty mind". In order for it to be considered a crime (legally speaking at least in the United States) you need that key component with the actual act of committing the crime (known as 'actus reus'). 

I'm not saying that Finland or any other country is the same as the United States, but having studied Criminal Law, I do know that many countries have similar code on the books.

If you're truly concerned, I would write or speak to your court representative for clarification. 

Daniel

> On Apr 5, 2014, at 6:23 AM, Toni Korpela <admin@...fork.com> wrote:
> 
> Greetings from Finland.
> 
> I know that here it is illegal to import, manufacture, sell
> or otherwise distribute such machine or software which
> are designed to endanger or harm information and
> communication systems.
> 
> This is stated in chapter 34 § 9a. Then again § 9b states
> that it is illegal to posess machine, software and access
> information into systems which you can use to endanger
> or harm information and communication
> systems.
> 
> Basically this means that I am not allowed to have ping,
> nmap or other networking / penetration testing tools
> which can be used for harm installed on my computer.
> Though I am not certain if any of these computer
> security laws have been used to penalize someone.
> 
> I am not certain if penetration testing tools belong to
> the category of tools which are designed to endanger
> or harm information and communication systems.
> 
> It's quite harsh if I could get fines or maximum of 2 years jail
> for having Linux distribution with some networking tools
> installed on my computer.
> 
> -Toni
> 
> _______________________________________________
> Sent through the Full Disclosure mailing list
> http://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ