2022-07-03
[public] 13.8K views, 5.41K likes, dislikes audio only
A deeper look into the german hacking laws to see what kind of actions are illegal. There are some surprising edge cases and lots of room for debates.
Obviously this video is not legal advice.
I forgot about StGB 263a "Computer Fraud" in this video. It's also interesting to speculate about interpretations, however it focuses on financial losses and your intention to enrich yourself. So as security researchers it's less applicable, because we don't look for financial gains.
Useful links:
Translated German Criminal Law: https://www.gesetze-im-internet.de/englisch_stgb/
Der Hahn erklärt Cyber-Strafrecht: https://www.youtube.com/watch?v=EDqOCxdJSPE
00:00 - Intro and Motivation
01:15 - German Criminal Law
02:57 - StGB 202b - Phishing/MITM
03:55 - StGB 202c - Collecting Credentials
04:33 - StGB 202a - Hacking
04:59 - Example #1: Basic IDOR
06:20 - Example #2: Path Traversal
07:01 - OPTAIN ACCESS to Data
08:25 - Example #3: Minecraft log4shell Scanning
09:30 - Example #4: Technical Limitations?
10:44 - "Vulnerability" or "Exploit" not part of the Law
11:38 - Hacking Attempt is NOT Punishable
12:41 - StGB 202c - Hacking Tools
13:50 - Interpretation by German Federal Court
15:49 - StGB 303a - Data Manipulation
16:50 - StGB 303b - Computer Sabotage
17:13 - Example #5: Hacking a Bank!
18:41 - Hacking with Permissions?
19:50 - Conclusion
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/