Meta Refresh 2012

Web design could use some new ideas. We have the tech now.

HTML5 and CSS3 have very quickly moved from being tentative new standards to the base standards for every major desktop and mobile browser. HTML5 is now just HTML, a modular, living standard that no longer needs a version number.

Now that we are no longer fighting over platforms, it’s time to put the specs aside and revisit the construction of user interface: how do we raise the bar for stellar user interface on the web?

Meta Refresh is a follow-up to DocType HTML5 from 2010-11 and is a conference on web UI engineering.

More about the event: http://metarefresh.in
Registrations: http://metarefresh.doattend.com

Hosted by

Meta Refresh is an umbrella forum for conversations about different aspects of design and product including: UX and interaction design CMS, content management, publishing and content marketing Information architecture more

Akash Mahajan

@makash

I haz your mouse clicks and key strokes

Submitted Apr 1, 2012

You will learn how fancy UI using HTML5, JavaScript and CSS3 allow for sophisticated attacks against the users of your applications on the client side.

You will learn how to avoid and/or mitigate such attacks and what is the risk involved.

Outline

This intentionally funny and technically light talk+demo will show you how and what are User Interface Redressing Attacks.

Web Applications using HTML5 + JavaScript + CSS3 + Modern Browsers are vulnerable to attacks such as Clickjacking, Strokejacking, Cursor Tracking, Unxploitable XSS and Facebook Like attacks.

TL;DR Cool demo and simple to understand explaination of ClickJacking

Requirements

An open mind, a sense of humour and be a heavy user of social networking websites like Facebook.

Speaker bio

Feedback for my JavaScript Gone Wild Talk

Javascript gone wild was a fun talk and very interesting post lunch :)

Also more than 80% attendees gave my talk a thumbs up ( +1 )

Akash is a Certified Ethical Hacker with more than 8 years of experience in Application and Network Security. Before becoming an expert security consultant he was a technical lead for one of the leading American commercial security software companies specialising in end point security. He started in security working on web infrastructure for the government of India.

Along with his day job Akash is heavily involved in the wider global
security community, ranging from his work with OWASP, to contributing signatures for malware detection to Emerging Threats, a US DoD funded group of volunteers, to being one of the founders of null The Open Security Group, India’s foremost non-profit computer security organisations. null is very involved in providing expert security advice to companies, organisations and even the government of India.

Akash is currently one of the two OWASP chapter leads for Bangalore.

When not working or advising you’ll find Akash speaking at industry conferences on all things computer security related.

Slides

http://www.slideshare.net/akashm/i-hazyourmouseclicksandkeystrokes

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Meta Refresh is an umbrella forum for conversations about different aspects of design and product including: UX and interaction design CMS, content management, publishing and content marketing Information architecture more