CONFidence - (29-30.11 2010 Prague)
Language: polski | english |cesky

Mario Heiderich

Bio: Mario Heiderich is a freelance security consultant and trainer living in Cologne and working for a wide array of German and international companies. In his free time Mario likes to spend a lot of quality time with the Firebug console window and also…. the Firebug console window. Hustling web-developers, breaking filters and accidentally stumbling upon high impact XSS, code execution and information leakage vulnerabilities make Mario happy. So happy this will be one the core features of this awesomely ambitious talk.

Topic of Presentation: Dev and blind

Language: English

Abstract: The developer is an easy and valuable target for malicious minds. The reasons for that are numerous and hard to come by. This talk delivers examples, proof, discussion and awkward moments in a pretty special way.

Everybody hates developers – especially web developers. And why not? The cracks and crevices of their APIs and implementations are the reason that vulnerabilities in web applications are still a widespread issue – and will continue to be in the foreseeable future.

Bashing and blaming them for their wrongdoings is fun – boy, they are stupid in their mistakes! But has anyone ever dared to have an open on stage battle with an actual developer?

And who of the developers dares to face their collective nemesis – the attacker? Can there be life where matter and anti-matter collide? We will know about this soon – because this is what this talk is going to be about. Developer versus attacker – vulnerability versus defence. Be prepared for swearing, violence and people leaving the stage prematurely in tears.