Skip to main content

Guide tells 'grey hats' how to avoid legal pitfalls

EFF IN THE NEWS
November 25, 2008

The US-based Electronic Frontier Foundation has published a guide on how IT professionals can avoid falling foul of the law as a result of ethical hacking...

"A computer-security researcher who has inadvertently violated the law during the course of her investigation faces a dilemma when thinking about whether to notify a company about a problem she discovered in one of the company's products," the guide states. "By reporting the security flaw, the researcher reveals that she may have committed unlawful activity, which might invite a lawsuit or criminal investigation. On the other hand, withholding information means a potentially serious security flaw may go unremedied."

Tuesday, November 25, 2008
ZDNet.co.uk
JavaScript license information