On the Ethics of Open Source Security Research

Security research is an important aspect of cybersecurity, but it is not particularly easy to carry out cybersecurity research or to do so scientifically. It is not entirely surprising then that a research team may consider trying “novel” tactics to carry out research.

However, this April, a security research team at the University of Minnesota got into hot water for methods that were pushing ethical boundaries.

In this article we’ll explain why we need open-source security research so much, why cybersecurity research requires a scientific basis, and how the team at the University of Minnesota got it wrong.

Continue reading “On the Ethics of Open Source Security Research”