Search Mailing List Archives
[liberationtech] Export Control of Intrusion Software
rrb at acm.org
Fri Dec 13 06:36:55 PST 2013
Some clarifications on the Wassenaar update:
It seems that it is meant to be narrowly aimed at
snooping tools, and not at counter snooping tools.
On 12/10/2013 03:50 AM, Fabio Pietrosanti (naif) wrote:
> This email to note that the Wassenaar Agreement has been updated to
> include "Intrusion Software" in the export controlled goods.
> See page 209:
> "Intrusion software"
> "Software" specially designed or modified to avoid detection by
> 'monitoring tools', or to defeat 'protective countermeasures', of a
> computer or network- capable device, and performing any of the following:
> a. The extraction of data or information, from a computer or network-
> capable device, or the modification of system or user data; or
> b. The modification of the standard execution path of a program or
> process in order to allow the ex ecution of externally provided
> 1. "Intrusion software" does not include any of the following:
> a. Hypervisors, debuggers or Software Reverse Engineering (SRE) tools;
> b. Digital Rights Management (DRM) "software"; or
> c. "Software" designed to be installedby manufacturers, administrators
> or users, for the purposes of asset tracking or recovery.
> 2. Network-capable devices include mobile devices and smart meters.
> Technical Notes
> 1. 'Monitoring tools': "software" or hardware devices, that monitor
> system behaviours or processes running on a device. This includes
> antivirus (AV) products, end point security products, Personal Security
> Products (PSP), Intrusion Detection Systems (IDS), Intrusion Prevention
> Systems (IPS) or firewalls.
> 2. 'Protective countermeasures': techniques designed to ensure the safe
> execution of code, such as Data Execution Prevention (DEP), Address
> Space Layout Randomisation (ASLR) or sandboxing
> Fabio Pietrosanti (naif)
> HERMES - Center for Transparency and Digital Human Rights
> http://logioshermes.org - http://globaleaks.org - http://tor2web.org
More information about the liberationtech