I won’t have much time to update news over the next few days while I am in Washington DC for the Privacy and Security Forum, but I just couldn’t wait until I got back to share what I hope is encouraging news for some of you.
I know that there are a number of young (and maybe some not-so-young) folks out there who may have started out wearing a black or grey hat but now wish to establish themselves as whitehats. Or maybe you’re just starting out with no past reputation to overcome but you are having trouble getting entities to respond to your notifications? Or maybe you publish your research on your blog, but not enough people learn about it?
If you are committed to doing ethical research and responsible disclosure, get in touch with the GDI Foundation. They’ve got a new initiative and they are looking to involve more volunteers. They are offering some internships that can help you establish yourself as an ethical researcher. Having trouble reaching parties? They will help you make the notifications by using their contacts and influence. In some cases, DataBreaches.net will also be able to assist you with making notifications if you are having trouble with responsible disclosure.
If you’ve engaged in ethical research and responsible disclosure, both GDI Foundation and DataBreaches.net will also help you publicize your research when it’s ready to be revealed publicly. You can still publish your research on your own web sites or blogs, of course, but GDI Foundation and DataBreaches.net will also will also do what we can to help you get your work better known, including the opportunity to post or cross-post your research on this site, where it can be read by more people. You can publish here under your real name or a pseudoanonymous byline. That’s up to you.
If this sounds good to you, follow @GDI_FDN @MasterHawkx1 and Victor Gevers (@0xDUDE) on Twitter, and DM them to let them know you’re interested in learning more about their internship or what they can do to help you. Hopefully I haven’t mis-stated what they are doing in their new initiative, but if I have, they will clarify.
And of course, you can reach me via email to this site or contact me on Twitter @pogowasright. Just not for the next few days.