OWASP AppSec 2010: Keynote: Cross-Domain Theft and the Future of Browser Security 3/4
Clip 3/4 Speakers: Chris Evans: Troublemaker, Information Security Engineer, and Tech Lead at Google inc. Also the sole author of vsftpd. Ian Fette: Product Manager for Chrome Security and Google's Anti-Malware initiative The web browser, and associated machinery, is on the front line of attacks. We will first look at design-level problems with the traditional browser in terms of monolithic architecture and fundamental problems with the same-origin policy. We will then look at the types of solution that are starting to appear in browsers such as Google Chrome and Internet Explorer. We will look at other important browser-based defenses such as Safe Browsing. We will detail what a future browser might look like that has a much more secure design, but is still usable on the wide variety of web sites that people use daily. For more information click here (http://bit.ly/aeSvg2)
Clip 3/4 Speakers: Chris Evans: Troublemaker, Information Security Engineer, and Tech Lead at Google inc. Also the sole author of vsftpd. Ian Fette: Product Manager for Chrome Security and Google's Anti-Malware initiative The web browser, and associated machinery, is on the front line of attacks. We will first look at design-level problems with the traditional browser in terms of monolithic architecture and fundamental problems with the same-origin policy. We will then look at the types of solution that are starting to appear in browsers such as Google Chrome and Internet Explorer. We will look at other important browser-based defenses such as Safe Browsing. We will detail what a future browser might look like that has a much more secure design, but is still usable on the wide variety of web sites that people use daily. For more information click here (http://bit.ly/aeSvg2)