Bill Toulas reports:
The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors.
When security research is conducted within the specified boundaries, those responsible will be excluded from criminal liability and the risk of prosecution.
“Those who want to close IT security gaps deserve recognition—not a letter from the prosecutor,” stated Federal Minister of Justice Dr. Marco Buschmann.
Amen to that!
Read more at Bleeping Computer.