Learn about the process of responsible security vulnerability disclosure through this 50-minute conference talk from the Chaos Communication Congress (38C3). Explore how the CCC (Chaos Computer Club) supports security researchers in reporting vulnerabilities through Responsible-Disclosure and Coordinated-Vulnerability-Disclosure procedures. Gain insights into real-world disclosure processes through various case studies from recent months, examining typical challenges and potential conflicts. Understand the current landscape where hacker laws create uncertainty for security researchers who risk legal action when reporting vulnerabilities. Join speakers kantorkel and Linus Neumann as they share practical experiences and demonstrate proper disclosure procedures, though note that this presentation does not constitute legal advice.