DOJ reverses itself, says good-faith security researchers should be left alone

In a move that could have a major impact on enterprise penetration testing and other cybersecurity tactics, the US Department of Justice last Thursday reversed one of its own policies by telling prosecutors not to prosecute anyone involved in “good-faith security research.”This is one of those common-sense decisions that makes me far more interested in exploring the original DOJ policy (set in 2014, during the Obama era). The underlying law at issue is the Computer Fr