If easy-to-use software like Signal somehow became inaccessible, the security of millions of Americans (including elected officials and members of the armed forces) would be negatively affected.

This approach decreases the collateral damage that one team’s non-deterministic tests have on other teams.

The key change here is the removal of an intent to defraud and replacing it with willfully; it will be illegal to share this information as long as you have any reason to know someone else might use it for unauthorized computer access.It is troublesome to consider the unintended consequences resulting from this small change.

The problem is that it is that the laws themselves change the very definition of a criminal and put many innocent professionals at risk.

As serious leaks become more common, surely we can expect tougher laws. But these laws are also making it difficult for those of us who wish to improve security by studying actual data. For years we have fought increasingly restrictive laws but the government’s argument has always been that it would only affect criminals.

Another approach I toyed with (very transiently) was blocking entire countries from accessing the API. I was always really hesitant to do this, but when 90% of the API traffic was suddenly coming from a country in West Africa, for example, that was a pretty quick win.

The term has also been borrowed by the computing community to refer to the refusal of service to legitimate users when administrators take blanket preventative measures against some individuals who are abusing systems. For example, Realtime Blackhole Lists used to combat email spam generally block ranges of Internet Protocol (IP) addresses rather than individual IPs associated with spam, which can deny legitimate users within those ranges the ability to send email to some domains.