The international arms pact known as the Wassenaar Arrangement was designed to control the spread of potentially dangerous hardware and tech to repressive regimes. But when it was amended in December 2013 to include surveillance software, security pros flew into a tizzy. The definition of the software is so broad that it could encompass many legitimate tools that professionals use to find and fix vulnerabilities in software. If implemented by governments around the world, it would also criminalize the unlicensed sharing of some security research, potentially preventing researchers from disclosing problems and, ironically, making the world less safe.