The Flash plugin is installed on over 98% of Internet accessible computers, but until recently Flash has not been widely been regarded as a threat to web security.
We discuss common Flash programming and deployment pitfalls that lead to web security issues such as information disclosure, cross site request forgery, and cross site scripting. We demonstrate how attackers find and exploit these issues, and most importantly, we present how developers and system administrators can prevent Flash based security issues on their websites.
Rich Cannings is an information security engineer at Google, specializing in web and mobile security. He co-authored “Hacking Exposed Web 2.0: Security Secrets and Solutions” and wrote the first book chapter on Flash security. Rich has a joint master degree in Mathematics and Computer Science specializing in cryptography from the University of Calgary.
Have a suggestion for a speaker or topic at Web 2.0 Expo San Francisco? Send an email to: firstname.lastname@example.org
View a complete list of Web 2.0 Expo contacts.