Chloé Messdaghi

We Deserve Rights

When does a security researcher become a criminal? Vague, outdated laws are punishing the very people trying to protect us all.

We Deserve Rights
#1about 3 minutes

The legal risks facing ethical security researchers

Good-faith hackers face prosecution and fear due to a lack of legal protections for their work in securing systems.

#2about 1 minute

Defining the difference between a hacker and an attacker

The key distinction between a hacker who protects and an attacker who exploits is their intent, not their skillset.

#3about 4 minutes

A case study of a bug bounty program gone wrong

A security researcher who reported a bug to DJI was threatened with a lawsuit, highlighting the risks of poorly managed disclosure programs.

#4about 9 minutes

How social constructs and fear shape public perception

Media portrayals create socially constructed beliefs that trigger fear-based responses towards hackers, which can be overcome with personal stories.

#5about 7 minutes

Practical ways to correct media misrepresentation of hackers

Combat negative stereotypes by kindly correcting inaccurate terminology and imagery used by journalists and marketers.

#6about 5 minutes

The dangers of the Computer Fraud and Abuse Act (CFAA)

The vague and outdated CFAA is misused by companies to prosecute ethical hackers, as tragically exemplified by the case of Aaron Swartz.

#7about 1 minute

How to advocate for legislative change and reform

Individuals can drive legislative reform by voting, identifying their local representatives, and collaborating with advocacy groups to schedule meetings.

#8about 3 minutes

Best practices for vulnerability disclosure policies

Companies can build trust and improve security by creating clear vulnerability disclosure policies with defined scope, simple language, and a dedicated contact.

#9about 2 minutes

A final call to action for the community

Change starts with individual awareness and action, such as supporting advocacy organizations and sharing personal stories to challenge stereotypes.

#10about 8 minutes

Q&A on reclaiming the term hacker and corporate lobbying

The community prefers the term "hacker" to reclaim its identity, while corporate lobbying from tech companies actively prevents reforms to the CFAA.

Related jobs
Jobs that call for the skills explored in this talk.

Designer

Andrew Comp

Andrew Comp
Berlin, Germany

Intermediate
Java
JavaScript

Matching moments

From vulnerability researcher to automated security founder
05:31 MIN

From vulnerability researcher to automated security founder

The transformative impact of GenAI for software development and its implications for cybersecurity

Unlock full access

Log in or set up an account to access this feature and more.

Understanding attacker motivations and barriers
02:26 MIN

Understanding attacker motivations and barriers

Cyber Security: Small, and Large!

Unlock full access

Log in or set up an account to access this feature and more.

Why developers make basic cybersecurity mistakes
02:26 MIN

Why developers make basic cybersecurity mistakes

Don't Be A Naive Developer: How To Avoid Basic Cybersecurity Mistakes

Unlock full access

Log in or set up an account to access this feature and more.

Q&A on blockchain, pentesting, and ethical implications
09:15 MIN

Q&A on blockchain, pentesting, and ethical implications

Reverse Vending Machine (RVM) Security: Real World Exploits / Vulnerabilities

Unlock full access

Log in or set up an account to access this feature and more.

Exploring the need for regulation in software development
03:35 MIN

Exploring the need for regulation in software development

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Unlock full access

Log in or set up an account to access this feature and more.

Q&A on social engineering and a career in security
27:22 MIN

Q&A on social engineering and a career in security

Stranger Danger: Your Java Attack Surface Just Got Bigger

Unlock full access

Log in or set up an account to access this feature and more.

Cybersecurity is a foundational necessity not a passing trend
05:49 MIN

Cybersecurity is a foundational necessity not a passing trend

Decoding Trends: Strategies for Success in the Evolving Digital Domain

Unlock full access

Log in or set up an account to access this feature and more.

Q&A: Career advice for aspiring security professionals
08:18 MIN

Q&A: Career advice for aspiring security professionals

Walking into the era of Supply Chain Risks

Unlock full access

Log in or set up an account to access this feature and more.

Featured Partners

Related Videos

See all videos
Getting under the skin: The Social Engineering techniques43:56

Getting under the skin: The Social Engineering techniques

Mauro Verderosa

Cyber Security: Small, and Large!37:32

Cyber Security: Small, and Large!

Martin Schmiedecker

You can’t hack what you can’t see29:34

You can’t hack what you can’t see

Reto Kaeser

How to Cause (or Prevent) a Massive Data Breach- Secure Coding and IDOR40:38

How to Cause (or Prevent) a Massive Data Breach- Secure Coding and IDOR

Anna Bacher

Climate vs. Weather: How Do We Sustainably Make Software More Secure?51:41

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Panel Discussion

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Security Pitfalls for Software Engineers27:32

Security Pitfalls for Software Engineers

Jasmin Azemović

You click, you lose: a practical look at VSCode's security29:47

You click, you lose: a practical look at VSCode's security

Thomas Chauchefoin & Paul Gerste

Related Articles

View all articles
LM
Luis Minvielle
9 Ways to Make Money Hacking
Cybercrime is still a currency black hole. Industry insiders report, year after year, how companies lose trillions of dollars each year to hacking, scams, and data breaches. This is a huge problem, which also means that if you can do something about ...
9 Ways to Make Money Hacking
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
CH
Chris Heilmann
WWC24 Talk - Scott Hanselman - AI: Superhero or Supervillain?
Join Scott Hanselman at WWC24 to explore AI's role as a superhero or supervillain. Scott shares his 32 years of experience in software engineering, discusses AI myths, ethical dilemmas, and tech advancements. Engage with his live demos and insights o...
WWC24 Talk - Scott Hanselman - AI: Superhero or Supervillain?
CH
Chris Heilmann
Dev Digest 112 - The True Crime of AI Development
In last Friday's Dev Digest, we had some great AI news, some worrying security threats and a swipe-aware game in CSS with explanations! News and ArticlesLet's kick off with some AI news. Netflix caused a stir with AI-generated images in a true crime ...
Dev Digest 112 - The True Crime of AI Development

From learning to earning

Jobs that call for the skills explored in this talk.