Re: hmm.. most people on the reg cannot read it seems... including the reg themselves
"if one reads the 1990 act amendment, you'll notice that it states that the offence only applies IF the accused *knowingly* adapts or supplies the application for use in a criminal offence... i.e. it's not what the software can do for you, but what you are guilty of using it for, with intent..."
Reading Section 37 of The Police And Justice Act 2006
The word "knowlingly" doesn't appear.
The problem we face is with the new section 3A(2).
"A person is guilty of an offence if he supplies or offers to supply any article believing that it is likely to be used to commit, or to assist in the commission of, an offence"
So I write a new improved vulnerability scanner. Can I circulate it around bugtraq for pier review? While I know it will be used responsibly by many people I also know that it will be used by some Bad Guys(TM) to find systems they can hack into.
The problem faced by the open source and free tool community is how to avoid "believing that it is likely to be used to commit an offence". If we create a tool and circulate it openly it *will* be picked up by someone and used to do bad things.
In the CPS guidance we see: "what, if any, thought the suspect gave to who would use it; whether for example the article was circulated to a closed and vetted list of IT security professionals or was posted openly". This seems to imply that posting a tool openly risks a charge under Section 3A.