Good-faith hackers face prosecution and fear due to a lack of legal protections for their work in securing systems.
The key distinction between a hacker who protects and an attacker who exploits is their intent, not their skillset.
A security researcher who reported a bug to DJI was threatened with a lawsuit, highlighting the risks of poorly managed disclosure programs.
Media portrayals create socially constructed beliefs that trigger fear-based responses towards hackers, which can be overcome with personal stories.
Combat negative stereotypes by kindly correcting inaccurate terminology and imagery used by journalists and marketers.
The vague and outdated CFAA is misused by companies to prosecute ethical hackers, as tragically exemplified by the case of Aaron Swartz.
Individuals can drive legislative reform by voting, identifying their local representatives, and collaborating with advocacy groups to schedule meetings.
Companies can build trust and improve security by creating clear vulnerability disclosure policies with defined scope, simple language, and a dedicated contact.
Change starts with individual awareness and action, such as supporting advocacy organizations and sharing personal stories to challenge stereotypes.
The community prefers the term "hacker" to reclaim its identity, while corporate lobbying from tech companies actively prevents reforms to the CFAA.
Sensory-Minds GmbH
Offenbach am Main, Germany
zeb consulting
Frankfurt am Main, Germany
43:56Mauro Verderosa
37:32Martin Schmiedecker
29:34Reto Kaeser
27:32Jasmin Azemović
27:36Tino Sokic
21:01Julian Totzek-Hallhuber
29:47Thomas Chauchefoin & Paul Gerste
24:23Balázs Kiss
Jobs that call for the skills explored in this talk.
Deloitte Ag
Zürich, Switzerland
Bug Bounty Switzerland
Zürich, Switzerland
Charles Russell Speechlys
Charing Cross, United Kingdom
