Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Export Control of Intrusion Software

Richard Brooks rrb at
Fri Dec 13 06:36:55 PST 2013

Some clarifications on the Wassenaar update:

It seems that it is meant to be narrowly aimed at
snooping tools, and not at counter snooping tools.

On 12/10/2013 03:50 AM, Fabio Pietrosanti (naif) wrote:
> This email to note that the Wassenaar Agreement has been updated to
> include "Intrusion Software" in the export controlled goods.
> See page 209:
> "Intrusion software"
> "Software" specially designed or modified to avoid detection by
> 'monitoring tools', or to defeat 'protective countermeasures', of a
> computer or network- capable device, and performing any of the following:
> a. The extraction of data or information, from a computer or network-
> capable device, or the modification of system or user data; or
> b. The modification of the standard execution path of a program or
> process in order to allow the ex ecution of externally provided
> instructions.
> Notes
> 1. "Intrusion software" does not include any of the following:
>  a. Hypervisors, debuggers or Software Reverse Engineering (SRE) tools;
>  b. Digital Rights Management (DRM) "software"; or
>  c. "Software" designed to be installedby manufacturers, administrators
> or users, for the purposes of asset tracking or recovery.
> 2. Network-capable devices include mobile devices and smart meters.
> Technical Notes
> 1. 'Monitoring tools': "software" or hardware devices, that monitor
> system behaviours or processes running on a device. This includes
> antivirus (AV) products, end point security products, Personal Security
> Products (PSP), Intrusion Detection Systems (IDS), Intrusion Prevention
> Systems (IPS) or firewalls.
> 2. 'Protective countermeasures': techniques designed to ensure the safe
> execution of code, such as Data Execution Prevention (DEP), Address
> Space Layout Randomisation (ASLR) or sandboxing
> -- 
> Fabio Pietrosanti (naif)
> HERMES - Center for Transparency and Digital Human Rights
> - -

More information about the liberationtech mailing list