Ugh. It does look like the wording gives some room though?

As in, it requires “preparing the commission of an offense”. Does acquiring the tool for other uses like learning or professional training help?

Or even better, shouldn’t lack of proof that the user had malicious intent be enough?

	▲	immibis 5 days ago \| parent [-]
		Police can always fabricate intent (this is not specific to Germany - they can just say you told them you were going to hack someone, or your actions or body language obviously showed it) and then in practice it's up to you to show an alternative interpretation of facts. If you're studying computer security, that might get you off - but who better than a computer security student to do actual hacking?

▲

ranger_danger 5 days ago | parent | prev [-]

Hard disagree, I think there is very important context missing here, notably:

> 2. computer programs for the purpose of the commission of such an offence

Big huge emphasis on "for the purpose of", meaning there must be clear intent to cause harm or break the law, especially for a criminal case. This assumes the purpose of the program is not inherently for hacking/criminal purposes, which I do not believe would be hard to argue that nmap is not designed as a "hacking tool".

Germany appears to have a similar standard to US criminal cases where you are presumed innocent until proven guilty "beyond a reasonable doubt": https://law.stackexchange.com/questions/40966/innocent-until...