A long, long time ago, results from security research were mainly communicated via message boards and mailing lists such as full-disclosure. Today, researchers and academics have new ways to make their work known to a wider audience by establishing relationships with journalists and other intermediaries. This can cause problems when researchers with no prior exposure to journalists and other media representatives come into contact with media that are more focused on producing fancy headlines, where accuracy often takes second place. The problem goes both ways: journalists or editors with no knowledge or experience in infosec can, sometimes inadvertently, interpret something as the "hack of the century" when in fact it isn't. A prime example of this is The Guardian's coverage of what they thought was a backdoor in WhatsApp.
This talk addresses the problem and offers some advice to both parties, for example the relevant questions a journalist should ask before publishing any research they were handed. It will also look at where the interests of both parties potentially overlap and how those overlaps can lead to an unwanted outcome, e.g. if media outlets quote proper academic research out of context. We will present disclaimers and other useful tools that can help inform the public better about the critical field of IT security research.