← Back to context

Comment by jojomodding

6 hours ago

So apparently some CCC-connected hackers already unmasked one of them years ago (as reported in the update, which could have also just linked to the talk here: https://media.ccc.de/v/37c3-12134-hirne_hacken_hackback_edit... )

Makes you wonder if the investigators discovered this independently, or decided to maybe ask the hackers already involved in defending against them for help...

8 comments

jojomodding

Reply
hobofan  4 hours ago

I'm not deep into the topic, but AFAIK there generally isn't a warm connection between the CCC and the BND in Germany (in the recent years mostly due to the BNDs involvement ins spying on German citizens, but I think there is also deeper history there). If a hacker collaborates with the BND they do run a risk of many of their peers not wanting to collaborate with them anymore.

  • foepys  3 hours ago

    It also has something to do with the so called "Hackerparagraph" [1] under which whitehat hacking is basically impossible in Germany. Even writing a program that could potentially be used for hacking is a crime. If you followed the law word for word the authors of e.g. curl could be charged under this law.

    1: https://de.wikipedia.org/wiki/Vorbereiten_des_Aussp%C3%A4hen... [de]

    • groby_b  2 hours ago

      > If you followed the law word for word the authors of e.g. curl could be charged under this law.

      They really couldn't. BVerfG (Germany's constitutional court) has clearly said that dual use tools have a presumption of not being tools to break the law. It's been very clear that mens rea matters. And that a narrow reading of the law is the only constitutional reading.

      The problem here is taking "word for word" as "by dictionary meaning", which is never how laws are read.

      It's still a problematic law (together with §202a/b) because it doesn't clearly carve out space for grey-hat activities (white-hat attacks with authorization really don't fall under it even with creative reading).

      On the upside, Germany is considering fixing that. On the downside, it moves with the speed of classic German bureaucracy and is being "discussed" since 2024.

  • cineticdaffodil  1 hour ago

    Well at least the german state can collaborate with russian agents in projects like wirecard and not violate any laws when threatening journalists reporting on its collaborations.