[ale] OT: [Fwd: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...)]

[griffisb at bellsouth.net]

>  
> From: Geoffrey <esoteric at 3times25.net> 
> Subject: [ale] OT: [Fwd: Full-Disclosure is now ILLEGAL in France ! 
>  (Vulnerabilties, Technical details, Exploits ...)] 
>  
> Ouch.. 
>  
> -------- Original Message -------- 
> Subject: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties,  
>  
> A new anti-security law was voted yesterday in France, this law called  
> LEN (loi pour la confiance dans l'?conomie num?rique), the article 34  
> with his 323-3-1 says : 
>  
> "The fact, without legitimate reason, of holding, of offering, of 
> yielding or of placing at the disposal equipment, instrument, a 
> data-processing or program conceived or especially adapted to 
> make the facts envisaged by articles 323-1 to 323-3 is punished sorrows 
> planned respectively for the infringement itself or the infringement 
> most severely repressed." 
>  
> Translation : 
>  
> the term "hold...without legitimate reason" replaced the the presumption  
> of innocence by the "presumption of culpability", it means : "Any person  
> handling exploits/viruses (researcher,consultant,hacker or kiddie) is  
> guilty, and is in an illegal situation which could lead him to be  
> charged - And if you are charged, YOU have to prove that you are 
> innocent" 
>  
> Send us our "green cards" - thanks ! 
 
Hey, I just downloaded my Local Area Security boot CD to play with yesterday. 
Also picked up Penguin Sleuth and Knoppix-STD 0.1. Haven't had time to play 
with all the stuff, but had fun checking my own personal stuff out with Nessus, 
Cheops and Ethereal. (hmmm, found I have some security issues on a server - but 
it isn't open outside my network, found my son is still doing Kazaa after I 
spanned a switch port and did some sniffing) 
 
I guess the idea is "what you don't know can't hurt you" in France. I'd rather 
know and take preventive measures.