DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Senator Sheldon Whitehouse Wants to Make the Computer Fraud and Abuse Act Even Easier to Abuse

Posted on September 29, 2015 by Dissent

If you’re a security researcher, you’ll definitely want to read this. Nadia Kayyali writes:

This summer, Senator Sheldon Whitehouse introduced an amendment to the flawed Cyber Information Sharing Act (CISA) that would make it even worse, by expanding the broken Computer Fraud and Abuse Act (CFAA). EFF has proposed common sense changes to this federal anti-hacking law, many of which were included in “Aaron’s law,” recently reintroduced. While CISA was delayed by strong grassroots opposition over the summer, it looks likely to move soon—bad amendments and all. That’s why we’re urging people to take action and tell the Senate to vote no on this and any other dangerous CFAA changes.

[…]

In addition to lowering the mental state required for trafficking in passwords, the amendment would expand the trafficking prohibition to include any “means of access.” This could potentially threaten legitimate security research, by including the critical penetration testing software used by researchers and security consultants. And what about a security researcher disclosing a vulnerability at a conference? Will the DOJ argue the exploit is a “means of access” and that the researcher knew the testing of the exploit was wrongful? In a time when security research is more important than ever, these are just some of the unintended consequences of broadening the CFAA.

Read more on EFF.


Related:

  • North Country Healthcare responds to Stormous's claims of a breach
  • Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
  • 70% of healthcare cyberattacks result in delayed patient care, report finds
  • Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
  • Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases
  • Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities
Category: Commentaries and AnalysesFederal

Post navigation

← Barrington Orthopedic Specialists, Ltd notifies patients after theft of equipment
IE: Confidential patient files on street near hospital in Drogheda →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • White House ordered to restore Medicaid funding to Planned Parenthood clinics
  • California Attorney General Announces $1.55M CCPA Settlement with Healthline.com
  • Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance
  • Wiretap Suits Pit Old Privacy Laws Against New AI Technology
  • Action against tiny Scottish charity sparks huge ICO row
  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.