No announcement yet.

On the path to DEF CON SecureDrop

This is a sticky topic.
  • Filter
  • Time
  • Show
Clear All
new posts

  • On the path to DEF CON SecureDrop

    At DEF CON 27 it was announced that we are exploring a way to run a Secure Drop to provide an anonymous way for hackers and researchers to share vulnerabilities with the DHS department that absorbed US CERT, CISA.

    A panel discussion and audience Q&A was held:

    No major objections were raised, but there were lots of interesting questions. As DEF CON continues to build toward this goal we will use this forum to make announcements and answer questions everyone may have.

    Interested in SecureDrop? Read more about it here:
    Last edited by Dark Tangent; August 14th, 2019, 21:46. Reason: Added YouTube link
    The Dark Tangent: Use PGP for email Key ID: 0x8B0B476D
    Fingerprint: EA2B 63F9 2219 9171 2AB1 0065 FC59 8B0B 476D

  • #2
    See also:
    * : article : August 08, 2019 : Politico, Tim Starks, DEF CON 27: zero-days and cyber weapons
    * : article : August 09, 2019 : CyberScoop, by Sean Lyngaas, Feds to use SecureDrop to accept anonymized vulnerability reports
    * : article : August 14, 2019 : threatpost, by Tom Spring, DEF CON and Feds Partner on Anonymous Bug Submission Program
    * : article : September 18, 2019 : threatpost, by Lindsey O'Donnell, Marc Rogers: Success of Anonymous Bug Submission Program ‘Takes A Village’
    Last edited by number6; September 24th, 2019, 01:07.
    6: "Who is Number1?"
    2: "You are number6"
    6: "I am not a number!..."


    • #3
      You can watch the panel where this project got discussed at DEF CON 27 here:
      Add your comments to this thread - we're very interested in feedback.