back

Jens Spahns credit score is "very good"

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:46:30
Language
German
Abstract
A case study on how to use security research as a method of direct action.

In the context of the CCC, we usually do our vulnerability disclosures responsibly. So we ensure that a vulnerability is closed or at least disclosed to the responsible entity for a certain amount of time before discussing it publicly. The practice of responsible disclosure is more than two decades old and has become the gold standard in handling vulnerabilities as a security researcher.

On the other hand, responsible disclosure often also minimizes a vulnerability's impact in public debates and, therefore, is an excellent way to keep everybody safe. Still, it also reduces the usefulness of security research as a method of direct action.

In this talk, I would like to explain based on two examples (the ID-Wallet as well as the Bonify case) in which cases I think the impact of a vulnerability can be maximized by shitposting it on Twitter while keeping everyone - except Jens Spahn and Helge Braun - safe.

Talk ID
camp2023-57571
Event:
camp2023
Day
2
Room
Milliways
Start
8 p.m.
Duration
00:45:00
Track
Milliways
Type of
Talk
Speaker
Lilith Wittmann
Talk Slug & media link
camp2023-57571-jens_spahns_credit_score_is_very_good
0.0% Checking done0.0%
0.0% Syncing done0.0%
100.0% Transcribing done100.0%
0.0% Nothing done yet0.0%
  

Work on this video on Amara!