HOPE X (2014): "HTTP Must Die" (Download)
Friday, July 18, 2014: 5:00 pm (Serpico): We all know that HTTP is insecure, but the Snowden revelations of 2013 showed that insecurity runs far, far deeper than most of us could have imagined. It's bad enough, in fact, that anyone who still supports it is contributing to the weaponization of the Internet by government spy agencies. The speakers believe that nobody at HOPE X has any excuse to be using plain HTTP instead of HTTPS in 2014. In this talk, they will summarize what the Snowden revelations mean for protecting data in transit: scary stuff like how supposedly secure cookies on social network sites can be turned into custom beacons for marking victims of targeted malware. They'll talk about what every web service provider needs to do at the very minimum to mitigate these attacks, and what clients can do to protect themselves. Finally, they will share some success stories from the last year that show how Edward Snowden has raised the bar for web security and created a safer online landscape for the average user.
Yan Zhu, Parker Higgins
Yan Zhu, Parker Higgins