[rosedu-general] Tech Talk: Your Web Stack Would Betray You in an Instant

Razvan Deaconescu razvan at rosedu.org
Sat Apr 18 20:00:19 EEST 2015


Salutare.

Împreună cu cei de la Softwire[1] organizăm o prezentare tehnică foarte
interesantă în zona web, securitate și open source. Va fi susținută de
Tim Perry și este intitulată "Your Web Stack Would Betray You in an
Instant".

Prezentarea va avea loc marți, 28 aprilie 2015, de la ora 12:00, în sala
EG301 din cadrul Facultății de Automatică și Calculatoare. Pizza și
sucurile sunt la ordinea zilei :-) Ne vedem acolo!

Detalii despre prezentare și prezentator găsiți mai jos și pe pagina de
Facebook[1].
---
Securely setting up a web stack today is a tricky balancing act, as you
gingerly balance frameworks and services and tools all atop one another,
ever higher, to get all mod cons happily running together safely and
correctly. One security flaw though, and the whole pile tumbles down on
you to throw your customer passwords to the world.

In this talk we take a stroll down through a modern web stack and
examine some recent major security breakages in each layer to see how
they work and why. With any luck we can work out how to avoid this sort
of thing in future too, when either using or building such tools, but if
all else fails we can at least relax from all the careful balancing with
a little schadenfreude.

By day Tim Perry is a technical lead and the open-source champion at
Softwire, guiding teams, building a variety of great software at every
scale for clients, and pushing Softwire to engage with and give back to
the wider software development community.

By night he's a prolific open-source contributor on huge variety of
projects including JUnit, Mockito, Knockout & Lodash, and some of his
own, such as loglevel, and is feverishly keen on all things relating to
automated testing, polyglot persistence, and good old-fashioned
high-quality software development.
---

[1] https://www.facebook.com/events/422720737910397/

Răzvan


More information about the rosedu-general mailing list