Submission + - Open Letter to the InfoSec Community - Help Brazilian Security Researchers (ximen.es)
prxp writes: "Brazil is a wonderful country that has many problems. When it comes to information security, many will recognize that Brazil has good and bad examples. We have no cybercrime law in Brazil and it is close to a consensus that we need one. It has been more than 10 years that our Congress is trying to pass laws on this regard with no success. This unsuccessful path is due mostly to a lack of proximity between politicians and the Brazilian information security community and internet freedom activists. Usually lawyers and law enforcement agents are the ones to provide the theoretical support for building these law proposals that end up facxing strong opposition from society for not seeing their true interests being held (e.g. Azeredo cybercrime law proposal, known as “AI5 Digital”). This political standoff between cybercrime law proposals and society rebellion has been broken last May/2012 when a well cherished Brazilian actress had her email account breached, leaking many intimate pictures depicting her nude body. That was the case of actress Carolina Dieckmann and because of her popularity Brazilian Congress has been pushed into action (and society into passive acceptance) to pass any cybercrime law, no matter how incorrect it was. Because of that Congress has been pushing forward without the due transparency and discussion a new cybercrime law proposal altering Brazilian Federal Penal Code in order to include the definition for the crime of breaching computer security. This proposal has already been approved by Brazilian House of Representatives under the code PL2793/2011 (http://www.camara.gov.br/proposicoesWeb/fichadetramitacao?idProposicao=529011), sent to and already approved by Brazilian Senate under the code PLC35/2012 (http://www.senado.gov.br/atividade/materia/detalhes.asp?p_cod_mate=105612), and sent back to the House for final approval. This letter is a cry for help to the international community to help us Brazilians change this law proposal, for it has been advancing inexplicably fast, already reaching its last legislative stage in less than six months (being voted definitely next November 6th 2012) and when passed into law it will criminalize the building and dissemination of any tool, computer software or hardware, that might be used as means of breaching computer security, no matter who uses it or if it will be used at all. You read it right: simply writing PoC’s, sniffers, scanners, payloads, etc; giving talks about them, selling them or simply giving them away will be a crime in Brazil after this law is in effect. Please, read on, it is important that you do."
