Computer Access Laws
Laws restricting computer access and use should carefully balance the need to combat cybercrime with the value of supporting security research, innovation, and other legitimate activity.
DMCA
The Digital Millennium Copyright Act (DMCA) can hinder good faith security research by restricting the ability to analyze software for vulnerabilities. 我们支持在不减少版权的情况下扩大对安全研究人员的保护.
- 11/14/21 - 2021年安全研究员规则的快速分析
- 07/16/21 - 就保安研究人员保护事宜致版权局的单方函件
- 06/23/21 - Rapid7加入针对安全工具的DMCA诉讼声明
- 07/13/18 - 对美国司法部关于DMCA安全研究人员豁免的信函的快速回应
- 12/18/17 - Joint comments to the Copyright Office in support of strengthening the DMCA security researcher exemption
- 06/28/17 - 版权局呼吁新的网络安全研究人员保护
- 10/27/16 - 就具体的DMCA改革向版权局提出联合意见,以保护安全研究人员
- 03/15/16 - Rapid7, Bugcrowd和HackerOne文件亲研究员评论DMCA Sec. 1201
- 10/28/15 - 新的DMCA豁免对安全研究人员来说是积极的一步
CFAA
独立的安全研究对推进网络安全具有重要意义, but the Computer Fraud and Abuse Act (CFAA) makes little distinction between beneficial research and malicious hacking. We support responsible CFAA reforms and clarifications to protectshield security researchers and internet users from overbroad liability.
- 06/04/21 - 建议在CFAA下保护安全研究人员
- 06/03/21 - 最高法院意见缩小CFAA分析
- 07/13/20 - Rapid7加入CFAA向最高法院的简报
- 10/20/15 - 为什么我不讨厌白宫/格雷厄姆修正案
- 01/26/15 - 我们如何使安全研究非犯罪化?
- 01/23/15 - 总统的网络安全提案会让我们更安全吗?
UK Computer Misuse Act
英国的《十大赌博正规信誉网址》(CMA)危害了防御性安全工具的共享, 不承认诚信安全研究的重要性, 并且未能定义访问系统的授权构成. Rapid7 supports sensible reforms that clarify these issues and advance cybersecurity without creating opportunities for abuses.
- 06/08/21 - 关于1990年计算机滥用法案的立场
- 06/07/21 - 1990年英国内政部呼吁信息计算机滥用法案
States
Rapid7 occasionally advises states on computer access laws to protect consumers and businesses while avoiding obstacles to research and innovation.
- 09/21/16 - Rapid7支持密歇根汽车黑客法中的研究人员保护
- 05/16/16 - 关于密歇根州汽车黑客立法的联名信
Hack Back
Authorizing private entities to take active measures in retaliation against hacking risks undermining cybersecurity and causing collateral damage.
- 06/17/21 - 对私营部门黑客攻击的看法
- 05/24/17 - 为什么公司不应该试图攻击他们的黑客
- 04/17/18 - 格鲁吉亚不应授权“黑客攻击”