Maximizing Vulnerability Impact: Security Research as Direct Action

Explore a thought-provoking case study on using security research as a method of direct action in this 47-minute conference talk. Delve into the practice of responsible disclosure in vulnerability handling and its impact on public debates. Examine two specific examples, the ID-Wallet and the Bonify case, to understand scenarios where maximizing a vulnerability's impact through social media can be effective while maintaining safety for most parties involved. Learn about the potential trade-offs between responsible disclosure and using security research for direct action, and consider the ethical implications of different approaches to vulnerability disclosure in the context of cybersecurity and public policy.