Surely then it's the 'use', not the 'possession' that's a criminal offence? Or is it still a criminal offence to possess it, but you're fine as long as no one finds out? Because that doesn't stop it being a criminal offence.

▲

to11mtm 5 days ago | parent | next [-]

My basic understanding is that a 'dual use' tool is moreso based on intent; using the same analogy as when this came up on HN over a decade ago [0], a good kitchen knife can be at least as dangerous as a lot of explicitly 'banned' knives but because it has a non-illegal use it doesn't fall into the same category as, say, a DDOS tool. And AFAIK there hasn't (yet) been a case where NMAP has gotten someone in Germany in trouble with the law for possessing or using within their local subnet.

[0] - https://news.ycombinator.com/item?id=3797151

▲

rpdillon 5 days ago | parent [-]

This might be akin to lockpicks in the United States. Not illegal in and of themselves, but if you are possessing them with intent, it's a different matter.

	▲	ranger_danger 3 days ago \| parent \| next [-]
		I think it's worth mentioning that this varies by state... while most allow you to possess lockpicking tools freely, some states do have "possession with intent" rules you need to be careful of.
	▲	immibis 5 days ago \| parent \| prev [-]
		And the police can always fabricate intent.

▲

immibis 5 days ago | parent | prev [-]

It's "whoever prepares for the commission of a [hacking] offence by acquiring computer programs for the commission of the offence" and it's been interpreted that downloading nmap can be preparing for an offence, therefore punishable. Giving copies to others (e.g. running a Debian mirror) is also likely illegal, but I doubt anyone's been charged for that yet.

https://www.gesetze-im-internet.de/englisch_stgb/englisch_st...