Repairing the internet with Responsible Disclosures

[30 minutes] In 2016, the non-profit organization GDI.foundation, operated by volunteers, started reporting vulnerabilities as responsible disclosures (coordinated vulnerability disclosures) and helping victims of ransom attacks worldwide under the name PROJECT366. As chairman & co-founder of that organization, I would like to share the experiences and challenges they have faced so far. In the last 19 years Victor Gevers (@0xDUDE) has made over 5,250 security reports without getting in trouble with the law. In this talk, you’ll be taken through the experiences of the last 19 years in “how you could report ‘bad news’”, and shown our attempts to report as many vulnerabilities as humanly possible, how to deal with those on the other side (the organizations who receive these reports), and the challenges each side faces.
The GDI foundation was mentioned by the international press in 2017, which only covers a small aspect of our work:
GDI.Foundation is a non-profit organization that strives to make the internet safer. We have discovered and reported hundreds of data leaks and thousands of security issues worldwide.