Fixing the Internet's Auto-Immune Problem - Bilateral Safe Harbor for Good-Faith Hackers

Explore the concept of Bilateral Safe Harbor for good-faith hackers in this 18-minute conference talk from Security BSides London. Delve into the challenges faced by ethical hackers due to anti-hacking laws, despite the growing acceptance of vulnerability disclosure and bug bounty programs. Learn about the importance of including Safe Harbor language in program policies to protect well-intentioned hackers while maintaining legal safeguards against malicious actors. Discover the benefits of standardized language, disclosure practices, and trust agreements in fostering a more secure internet ecosystem. Gain insights into relevant legislation such as the Computer Misuse Act 1990 and Data Protection Act 2018, and understand the grassroots efforts driving the adoption of safe harbor practices. Conclude with a Q&A session to address specific concerns and queries about implementing Bilateral Safe Harbor in cybersecurity programs.

Introduction
Disclaimer
Current landscape
Computer Misuse Act 1990
Data Protection Act 2018
US Loss
Bug Bounty
Standardized Language
Disclosure
Summary
Trust Agreement
Hacker List
Safe Harbor vs Partial
Requirements
grassroots effort
safe harbor language
safe harbor list
QA