It’s a multi faceted blame. Yes, you blame the hardware that’s helped used to commit the crime, then you blame the people using it to commit the crime, then you blame the people still allowing it to be done. Look at America for example. People use guns to kill children in schools. Then you blame the person for committing the crime, then you blame the politicians who refuse to make it harder to get a gun
I don’t get these arguments. These tools aren’t weapons, and limiting legal access to pentesting tools will decrease corp’s and individuals’ ability to be proactive about security.
These devices can be manufactured relatively easily and making them illegal will essentially mean the only people doing security tests are criminals. Large tech companies, correctly, run bug bounties where independent security researchers can make income by reporting reproducible and exploitable bugs. The concept here is called offensive security and it’s extremely important for building better and more secure platforms. This situation will never be improved by limiting legal access to useful testing tools.
The responsibility should be on automakers and other companies that have massively insecure products, not on open source developers who are making products for security researchers.
It’s a multi faceted blame. Yes, you blame the hardware that’s helped used to commit the crime, then you blame the people using it to commit the crime, then you blame the people still allowing it to be done. Look at America for example. People use guns to kill children in schools. Then you blame the person for committing the crime, then you blame the politicians who refuse to make it harder to get a gun
I don’t get these arguments. These tools aren’t weapons, and limiting legal access to pentesting tools will decrease corp’s and individuals’ ability to be proactive about security.
These devices can be manufactured relatively easily and making them illegal will essentially mean the only people doing security tests are criminals. Large tech companies, correctly, run bug bounties where independent security researchers can make income by reporting reproducible and exploitable bugs. The concept here is called offensive security and it’s extremely important for building better and more secure platforms. This situation will never be improved by limiting legal access to useful testing tools.
The responsibility should be on automakers and other companies that have massively insecure products, not on open source developers who are making products for security researchers.