Meta Refresh 2012

Web design could use some new ideas. We have the tech now.

I haz your mouse clicks and key strokes

Submitted by Akash Mahajan (@makash) on Apr 1, 2012

Section: Default Technical level: Beginner Session type: Demo Status: Confirmed & Scheduled

Abstract

You will learn how fancy UI using HTML5, JavaScript and CSS3 allow for sophisticated attacks against the users of your applications on the client side.

You will learn how to avoid and/or mitigate such attacks and what is the risk involved.

Outline

This intentionally funny and technically light talk+demo will show you how and what are User Interface Redressing Attacks.

Web Applications using HTML5 + JavaScript + CSS3 + Modern Browsers are vulnerable to attacks such as Clickjacking, Strokejacking, Cursor Tracking, Unxploitable XSS and Facebook Like attacks.

TL;DR Cool demo and simple to understand explaination of ClickJacking

Requirements

An open mind, a sense of humour and be a heavy user of social networking websites like Facebook.

Speaker bio

Feedback for my JavaScript Gone Wild Talk

Javascript gone wild was a fun talk and very interesting post lunch :)

Also more than 80% attendees gave my talk a thumbs up ( +1 )

Akash is a Certified Ethical Hacker with more than 8 years of experience in Application and Network Security. Before becoming an expert security consultant he was a technical lead for one of the leading American commercial security software companies specialising in end point security. He started in security working on web infrastructure for the government of India.

Along with his day job Akash is heavily involved in the wider global security community, ranging from his work with OWASP, to contributing signatures for malware detection to Emerging Threats, a US DoD funded group of volunteers, to being one of the founders of null The Open Security Group, India’s foremost non-profit computer security organisations. null is very involved in providing expert security advice to companies, organisations and even the government of India.

Akash is currently one of the two OWASP chapter leads for Bangalore.

When not working or advising you’ll find Akash speaking at industry conferences on all things computer security related.

Links

Slides

http://www.slideshare.net/akashm/i-hazyourmouseclicksandkeystrokes

Comments

Login to leave a comment