Explore the legal complexities surrounding bug bounty programs in this 33-minute conference talk from BSidesSF 2018. Delve into the murky legal landscape of vulnerability disclosure, examining how some platforms and companies may inadvertently expose hackers to civil and criminal liability risks. Learn about a novel survey of bug bounty terms and their implications for the more than 120,000 hackers participating in these programs. Discover practical steps to minimize legal risks, understand the importance of standardizing legal terms in light of the DOJ framework, and gain insights into which contract clauses hackers should be wary of or demand to ensure "authorized access." Gain valuable knowledge about the intersection of cybersecurity and law, empowering ethical hackers to navigate the vulnerability economy more safely and effectively.
Overview
Syllabus
BSidesSF 2018 - Hacking the Law: Are Bug Bounties a True Safe Harbor? (Amit Elazari)
Taught by
Security BSides San Francisco
Related Courses
-
Hacking the Law- Are Bug Bounties a True Safe Harbor? - USENIX Enigma Conference - 2018
-
Hacking the Law - A Call for Action – Bug Bounties Legal Terms as a Case Study
-
Fixing the Internet's Auto-Immune Problem - Bilateral Safe Harbor for Good-Faith Hackers
-
Behind the Curtain - Safe Harbor and Department of Defense
-
Bug Bounties - Relationship Advice for the Hunters and the Hunted
-
From Bounties to Bureaucracy - The Hidden Market Factors of Exploit Economics
