Virtual Civil Disobedience

5:30 PM -- So far, so good.

German security firm n.runs' virtual act of civil disobedience today hasn't sent the authorities breaking down its door. Nor has it rocked the German legislature.

Not yet, anyway.

All n.runs has heard so far since it reinstated its Bluetooth hacking tool back onto its Website -- after removing it for fear of prosecution under the controversial new anti-hacker law that went into effect in Germany last month -- were thanks and words of encouragement from the security community. (See German Researchers to Test New Anti-Hacker Law.)

Before today, everyone was complaining about the new law -- Section 202c StGB of the German cybercrime laws -- which, as written, could make something as benign as ribbing a co-worker about his password stuck on a Post-It note illegal. (Yep, that could be construed as making the password accessible and therefore the commission of a crime.)

But as silly -- and at the same time, chilling -- as some of the potential scenarios the new law conjures up, no one was really doing anything to test it. So n.runs decided to risk potential prosecution under the ambiguous law to see how it would hold up once and for all. Researchers and security firms alike in the country have been holding their breath to see how it will affect their livelihoods.

Jan Munther, CTO of n.runs, says all the support from the security community reinforces that the company is "doing the right thing" in challenging the new law head-on. For now, they just wait.

— Kelly Jackson Higgins, Senior Editor, Dark Reading