PANEL: HOW THE WASSENAAR ARRANGEMENTS EXPORT CONTROL OF INTRUSION SOFTWARE AFFECTS THE SECURITY INDUSTRY presented at BlackhatUS 2015

by Katie Moussouris, Adriel Desautels, Dino Dai Zovi, Nate Cardozo, Collin Anderson, Kim Zetter,

Summary : In 2013, the group of countries that make up the Wassenaar Arrangement added "intrusion software" to the list of dual use controlled items. This rule has been implemented and enforced in different ways among participating countries since last year. The United States Government is currently working on how it will implement these rules. Much like the crypto wars of the 1990's, the ruling in its current form threatens to make some legitimate security work more difficult. This has the potential to raise the cost for defenders and lower the cost for attackers. Join us for a panel that brings together different members of our community to discuss their perspectives on these export regulations. The panel will include those involved in security research, bug bounty programs, and privacy.