Chaos Computer Club - recent audio-only feed   /     Jens Spahns credit score is "very good" (camp2023)

Description

A case study on how to use security research as a method of direct action. In the context of the CCC, we usually do our vulnerability disclosures responsibly. So we ensure that a vulnerability is closed or at least disclosed to the responsible entity for a certain amount of time before discussing it publicly. The practice of responsible disclosure is more than two decades old and has become the gold standard in handling vulnerabilities as a security researcher. On the other hand, responsible disclosure often also minimizes a vulnerability's impact in public debates and, therefore, is an excellent way to keep everybody safe. Still, it also reduces the usefulness of security research as a method of direct action. In this talk, I would like to explain based on two examples (the ID-Wallet as well as the Bonify case) in which cases I think the impact of a vulnerability can be maximized by shitposting it on Twitter while keeping everyone - except Jens Spahn and Helge Braun - safe. about this event: https://pretalx.c3voc.de/camp2023/talk/NHHEZN/

Subtitle
Duration
00:46:30
Publishing date
2023-08-16 20:00
Link
https://media.ccc.de/v/camp2023-57571-jens_spahns_credit_score_is_very_good
Contributors
  Lilith Wittmann
author  
Enclosures
https://cdn.media.ccc.de/events/camp2023/mp3/camp2023-57571-deu-Jens_Spahns_credit_score_is_very_good_mp3.mp3
audio/mpeg