Mastodawn

Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions.

https://www.bleepingcomputer.com/news/security/portugal-updates-cybercrime-law-to-exempt-security-researchers/

Portugal updates cybercrime law to exempt security researchers

Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions.

BleepingComputer

Show thread

Adam Shostack

Dec 7

@BleepingComputer @snipe That's cool, but how do I report a vuln? All I can find is https://www.cncs.gov.pt/pt/sofri-um-incidente-como-reportar-de-forma-voluntaria/ (the /en/ version is empty), but that reads like "report an incident" not "report a vuln"?

Also, (Firefox translate) says "You must FOLLOW THE RECOMMENDATIONS that the professionals of CERT.PT indicate." That seems to be giving the staff at Cert.PT an awful lot of power to decide how a vuln report goes....

I may have the wrong page, translation, etc.

Portugal updates cybercrime law to exempt security researchers

CNCS - Sofri um incidente! - como reportar de forma voluntária