Bio: Johannes Hofmann is a web developer from Cologne who has spent the last 9 years working for various companies running web portals of various sizes. He has seen more security malpractice and blatant stupidity in code than he cares to remember and has a strong dislike for his application babies being owned by rampant script kiddies. On a related note, he also likes to torture his coworkers by imposing rigidly fascist framework APIs.
Topic of Presentation: Dev and blind
Abstract: The developer is an easy and valuable target for malicious minds. The reasons for that are numerous and hard to come by. This talk delivers examples, proof, discussion and awkward moments in a pretty special way.
Everybody hates developers – especially web developers. And why not? The cracks and crevices of their APIs and implementations are the reason that vulnerabilities in web applications are still a widespread issue – and will continue to be in the foreseeable future.
Bashing and blaming them for their wrongdoings is fun – boy, they are stupid in their mistakes! But has anyone ever dared to have an open on-stage battle with an actual developer?
And which of the developers dares to face their collective nemesis – the attacker? Can there be life where matter and anti-matter collide? We will know about this soon – because this is what this talk is going to be about. Developer versus attacker – vulnerability versus defence. Be prepared for swearing, violence and people leaving the stage prematurely in tears.