Chloé Messdaghi

We Deserve Rights

When does a security researcher become a criminal? Vague, outdated laws are punishing the very people trying to protect us all.

We Deserve Rights
#1about 3 minutes

The legal risks facing ethical security researchers

Good-faith hackers face prosecution and fear due to a lack of legal protections for their work in securing systems.

#2about 1 minute

Defining the difference between a hacker and an attacker

The key distinction between a hacker who protects and an attacker who exploits is their intent, not their skillset.

#3about 4 minutes

A case study of a bug bounty program gone wrong

A security researcher who reported a bug to DJI was threatened with a lawsuit, highlighting the risks of poorly managed disclosure programs.

#4about 9 minutes

How social constructs and fear shape public perception

Media portrayals create socially constructed beliefs that trigger fear-based responses towards hackers, which can be overcome with personal stories.

#5about 7 minutes

Practical ways to correct media misrepresentation of hackers

Combat negative stereotypes by kindly correcting inaccurate terminology and imagery used by journalists and marketers.

#6about 5 minutes

The dangers of the Computer Fraud and Abuse Act (CFAA)

The vague and outdated CFAA is misused by companies to prosecute ethical hackers, as tragically exemplified by the case of Aaron Swartz.

#7about 1 minute

How to advocate for legislative change and reform

Individuals can drive legislative reform by voting, identifying their local representatives, and collaborating with advocacy groups to schedule meetings.

#8about 3 minutes

Best practices for vulnerability disclosure policies

Companies can build trust and improve security by creating clear vulnerability disclosure policies with defined scope, simple language, and a dedicated contact.

#9about 2 minutes

A final call to action for the community

Change starts with individual awareness and action, such as supporting advocacy organizations and sharing personal stories to challenge stereotypes.

#10about 8 minutes

Q&A on reclaiming the term hacker and corporate lobbying

The community prefers the term "hacker" to reclaim its identity, while corporate lobbying from tech companies actively prevents reforms to the CFAA.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

The security risks of AI-generated code and slopsquatting
05:55 MIN

The security risks of AI-generated code and slopsquatting

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Proactively managing the risks of employee personal branding
03:14 MIN

Proactively managing the risks of employee personal branding

Leveraging Leaders’ Voices: The Business Power of Personal Branding

Preventing exposed API keys in AI-assisted development
03:45 MIN

Preventing exposed API keys in AI-assisted development

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Building trust through honest developer advocacy
02:48 MIN

Building trust through honest developer advocacy

Devs vs. Marketers, COBOL and Copilot, Make Live Coding Easy and more - The Best of LIVE 2025 - Part 3

How a broken frontend culture impacts the web
04:02 MIN

How a broken frontend culture impacts the web

WeAreDevelopers LIVE – Frontend Inspirations, Web Standards and more

Getting hired by contributing to open source projects
05:32 MIN

Getting hired by contributing to open source projects

Devs vs. Marketers, COBOL and Copilot, Make Live Coding Easy and more - The Best of LIVE 2025 - Part 3

Why HR struggles with technology implementation and adoption
04:22 MIN

Why HR struggles with technology implementation and adoption

What 2025 Taught Us: A Year-End Special with Hung Lee

The business case for sustainable high performance
03:34 MIN

The business case for sustainable high performance

Sustainable High Performance: Build It or Pay the Price

Featured Partners

Related Videos

See all videos
Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Security Pitfalls for Software Engineers27:32

Security Pitfalls for Software Engineers

Jasmin Azemović

Outsmarting the System: What Game Cheaters Can Teach Us About Cyber Security17:31

Outsmarting the System: What Game Cheaters Can Teach Us About Cyber Security

John Romero

You click, you lose: a practical look at VSCode's security29:47

You click, you lose: a practical look at VSCode's security

Thomas Chauchefoin & Paul Gerste

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers30:36

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Mackenzie Jackson

Getting under the skin: The Social Engineering techniques43:56

Getting under the skin: The Social Engineering techniques

Mauro Verderosa

How GitHub secures open source25:28

How GitHub secures open source

Joseph Katsioloudes

Hacking AI - how attackers impose their will on AI27:02

Hacking AI - how attackers impose their will on AI

Mirko Ross

Related Articles

View all articles
LM
Luis Minvielle
9 Ways to Make Money Hacking
Cybercrime is still a currency black hole. Industry insiders report, year after year, how companies lose trillions of dollars each year to hacking, scams, and data breaches. This is a huge problem, which also means that if you can do something about ...
9 Ways to Make Money Hacking
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.