We have been reading strange things in the comments about the articles that mention the video, so lets make some things clear
* We are not part of any FUD campaign by any firm that wants to get money from Fedict for whatever reason. The only reason of these postings is to have an open discussion about the procedures, security, democratic control just as we have about thousands of other subjects in everyday life and politics. So why is any discussion about an aspect of IT dangerous or suspect ? And why should citizens and politicians and other stakeholders have no active say and play in what we do with the IT infrastructure and our privacy in it ?
We even volunteered to get together with FEDICT without any pay to exchange ideas only we aren't sure how to organize this and guarantee our privacy and relative anonimity (and freedom of speech as a result of this) and also the legal status under the cybercriminality law.
* We are not a "bunch of open- source geeks" that try to get the EID project broken or whatever obscure manipulative scheme that is being imagined. We are all professionals working in professional environments following professional rules and books in a professional way. THis is our freedom of speech - how amateuristic it may look. As we are professional and read and work a lot, we have too little time to do everything the way we would like it to be done, but within that timeframe we try to do our best.
* We are not agents of the prime minister trying to destroy the federal IT infrastructure as some french speaking commentor thought. We will work with any active democratic politician that has the honest and responsable belief that our IT infrastructure in Belgium needs more resources and policies to be defended. We will work with any democratic politician of any region to do the same thing there. If you read the postings you will see that no one in the .be atmosphere is being ruled out. It also depends a bit on time.
* we are not hackers but professional securityresearchers of which some have chosen to be public, others to publish some things under their own name and other stuff under the 'mixed' belsec name and still others that just want or need to be somewhat anonymous. It is not who says it, but what is being said that is important. The brightest minds can say sometimes the most stupid things.
Hackers just destroy or manipulate things. The stuff in the video was given to the parliaments some months ago. It is only because the subject in the video was being mentioned in the parliament that we deemed it necessary to make it public so everybody knows what we are talking about.
We try always to be responsable and not everything that we receive is being published and not everything that we know is being tested and not everything that we find is being published immediately. We haven't published that there was sometime ago a serious programming error on a xxxxxx linked to a nuclear facility in Belgium. We informed our backchannels about it and waited three months to get it fixed.
This is why we want first and foremost that there would be a general responsable disclosure policy in Belgium.