Date: 8 Apr 2004 23:41:18 -0000 From: K-OTiK Security To: bugtraq@securityfocus.com Subject: Full-Disclosure is now ILLEGAL in France ! (Vulnerabilties, Technical details, Exploits ...) A new anti-security law was voted yesterday in France, this law called LEN (loi pour la confiance dans l'économie numérique), the article 34 with his 323-3-1 says : "The fact, without legitimate reason, of holding, of offering, of yielding or of placing at the disposal equipment, instrument, a data-processing or program conceived or especially adapted to make the facts envisaged by articles 323-1 to 323-3 is punished sorrows planned respectively for the infringement itself or the infringement most severely repressed." Translation : - having or distributing exploit code and/or detailed vulnerability information and/or information about hacking techniques, is ILLEGAL. - having or distributing hacking/security tools, scanners, pen testers, or technical white papers is ILLEGAL. - magazines and websites distributing security information about vulnerabilities or exploits are ILLEGAL. pathetic ! the term "hold...without legitimate reason" replaced the the presumption of innocence by the "presumption of culpability", it means : "Any person handling exploits/viruses (researcher,consultant,hacker or kiddie) is guilty, and is in an illegal situation which could lead him to be charged - And if you are charged, YOU have to prove that you are innocent" Send us our "green cards" - thanks ! K-OTik Staff /// http://www.k-otik.com