Notes:
This blog post answers why members of Sakura Samurai now have their own personal blogs if they didn’t prior.
My hacker crew, Sakura Samurai, has been getting lots of press lately, and many of the journalists aren’t properly attributing the security researchers to the material. I just want to hack and don’t want to have a blog, and it has been great seeing such good writing come from my close friend John (who has been the only member of Sakura Samurai with a blog for findings), but there has been much confusion via the media on listing the researchers (which are clearly mentioned in the blog posts), yet alone properly reporting on the lead researcher (we alternate as leads while members jump on and greatly expand into new findings as a crew and all work on the research together, usually getting many more findings.)
In some cases, the lead researcher isn’t listed on an article at all — with the media just listing whose blog it was posted on as the lead.
We collectively decided that the lead on each hack/piece of research will post information to their own personal blog as the media reference for the breach or CVE — so the media doesn’t list someone else as the lead researcher in the event there ends up just being a single name on articles (because it just happened to be posted on a specific blog) …let’s face it, many journalists can’t seem to journalism properly.
So here it is, my blog. Do I want one? Not really. Will it help eliminate confusion? Yes. Are we sour about previous articles? No, it’s a natural learning curve when you are getting put into world news on a monthly basis for your hacks.
<3
rej_ex
I’m an infosec, cybersecurity professional who enjoys continuously learning and hacking. I also collect and make comics books. I role with my crew — Sakura Samurai. Follow me on Twitter @rej_ex.