Graham Steel takes a look at some of the cryptographic standards whose security is the subject of speculation and tries to separate rumor from fact. Then he examines some of the most widely encountered crypto APIs, evaluating them on two important axes: facilities for flexible, secure key management and provision of modern cryptographic primitives.
Caspar Bowden discusses duplicity, the impact of Snowden's revelations on society, and what can be done about trust today.
Tim Lister presents the advantages—and the dangers—of practicing risk management in an adult-like fashion, offering a process for tailoring an organization and discussing how an organization can grow up.
Robin Wilton asks what the real costs, risks and economics of digital footprints are, and what, if anything, can be done about them. This session examines these issues and makes some practical recommendations about how to understand and manage one's digital footprints.
Parisa Tabriz presents current online threats and some of the ways Chrome protects users, along with Chrome's philosophies, successes, and ongoing challenges to doing security in a browser.
Baruch Sadogursky discusses creating DSLs which support plugins written in either Groovy or Java, addressing good public API design practices, security, and classpath isolation.
Mike Wiesner advises on dealing with security tradeoffs when creating Servlet Container, Spring MVC or Spring Integration type of applications.
Greg Turnquist demos using Spring Mail, Security, REST, GridFS, Bootstrap and jQuery in a production-grade Grails application.
Joe Rinehart discusses some of the essential security topics for Grails (and Java) Web applications, showing how Grails can make life easier and the pitfalls of attempting to secure highly dynamic code.
Watkins and Hanna discuss the top 5 security mistakes made by developers, examining them in detail by looking at the code and highlighting the risks from both the consumer and developer perspective.
Anil Madhavapeddy suggests a different approach to building Internet services that avoids the complexity of today's services, which incorporate many policies and security mechanisms.
Michiel de Jong suggests solving the data privacy and scalability issues by enabling mobile apps to connect to the user's preferred back-end using Dropbox.js, GDrive JS, NimbusBase, remoteStorage.io, etc.