And occasionally, the recipients go ballistic and shoot at the messenger. Sam will present a brief summary of previous disclosures, leading to the LSU Health HIPAA violation that resulted in the SC Magazine article "Professor hacks University Health Conway in demonstration for class". That article made a mess so big, it took a real lawyer, Alex Muentz, to clear it up.
Alex will then explain how he handled this, and offer informed advice on the laws around vuln disclosure, and how to use the media effectively. In addition, Alex will describe a few other cases where attempts at responsible disclosure went wrong, what had to be done to fix it and how the disclosure should have been done.
He has a B.S. in Physics from Edinboro University of Pennsylvania and a Ph.D. in Physics from University of Illinois, Urbana-Champaign. Certs include CISSP, CEH, WCNA & CCENT.
Alex Muentz is both an information security professional and lawyer. When he's not trying to explain law to hackers or infosec to clients, he teaches an undergraduate Computer Crime class at Temple University. He's spoken at Defcon, Shmoocon, HOPE and a few other conferences you may have heard of. He is a graduate of Northeastern University and Temple Law School.