Άλλαξε ο DMCA (ο γνωστός νόμος Digital Millennium Copyright) και όπως φαίνεται το penetration testing ή δοκιμές διείσδυσης γίνονται νόμιμα… Υπό conditions… A year late, the US Congress published on Friday an updated list of exceptions in the Digital Millennium Copyright Act prohibitions on circumvention of digital controls.
These exceptions refer to the DMCA 1201 paragraph and describe the conditions under which some people can access, copy and manipulate digital content rights without the fear of being infringed.
Since 2003, the DMCA rulemaking process has been held every three years. But "the Congressional Intellectual Property Office unlawfully and needlessly caused the delay," according to Electronic's lawyer. Frontier Foundation (EFF) Mr Kit Walsh.
According to Walsh, opponents of the exceptions to the law expressed their concern about the consequences that could arise from the legitimacy of reverse engineerability, which led the Copyright Office to delay these exemptions for a year.
The exceptions concern:
The use of copies and streaming video in educational and documentary frames.
The use of electronic literary works combined with assistive technologies.
Jailbreaking is phones and tablets that allow for interoperability or removal of unwanted software.
Efforts to hack into the software of the car.
Efforts to access non-playable video games.
Attempts to bypass 3D Printer Materials Checks.
Attempts by patients to access data from their personal medical records Appliances.
Attempts to reverse engineer software (reverse-engineer) for security research.
"The new temporary exemption is a major victory for safety researchers and for consumers who will benefit from increased safety controls on the products they use," said Aaron Alva, Tech Policy Fellow at the Federal Trade Commission.
Of course security investigators should continue to stay away from cyber fraud and abuse of the law. In addition, the terms of the exemption state that reverse-engineering or deobfuscating code should be "carried out in a controlled environment in order to avoid harm to individuals or the public."
In addition, any information obtained from such an activity should be used to promote the security of the device being executed, or the safety of people using the device. The results of this research should be kept in a way that avoids the facilitation of copyright infringement.
"So, if someone meets all the conditions, this temporary exception allows them to test whether a connected toaster could burn your bun after a third party intervenes remotely," Alva said. "But, of course, it does not allow anyone to steal the toaster, hack into a neighbor's toaster, or burn toasters."
For his part, EFF would have liked to see the whole DMCA rule-setting process collapse.
"Paragraph 1201 of the DMCA and the entire rule-making process create unconstitutional restrictions on speech, and should be repealed by a court or determined by Congress." Walsh said.
