Thomas Röthlisberger started work as an IT security analyst for Compass Security AG in January 2010. Compass is an incorporated company based in Jona (Saint Gall), Switzerland, specializing in security assessments and forensic investigations. The company carries out penetration tests and security reviews for its clients, enabling them to assess the security of their IT systems against hacking attacks, and advises them on suitable measures to improve their defenses. Before that, he worked as a .NET software engineer for 4 years.

21.11.2013

HTML5 vs. Security

Why Cross-Site Scripting becomes even worse

LOCATION: Zürich
KEYWORDS: Concept, Lessons learned, Technology

AGENDA: 18:00 - 19:15h: Talk incl. Q/A
Afterwards you are invited to a refreshment.

SPEAKER: Thomas Röthlisberger   COMPANY: Compass Security AG
SLIDES: 130528_HTML5_v1.1_handout.pdf

HTML5 is the upcoming web standard, which introduces several new features that can be used by web applications and web browsers. These new features also introduce new vulnerabilities. While attacks in HTML 4.01 mainly focus on web servers, with HTML5 this boundary has moved towards the client. New HTML5 features make it possible to attack the web browser directly, and not all of these attacks can be prevented by a secure implementation on the server side, because some HTML5 features are themselves the vulnerabilities.

LEVEL OF TALK: Intermediate
LANGUAGE: Talk: de / Slides: en



LEVELS:

BEGINNER
The presented topic is new to the audience or only little and superficial experience exists. This talk will mainly cover basic aspects of the topic and not go into much detail.

INTERMEDIATE
The presented topic is known to the audience, serious practical experience is expected. This talk might cover some basic aspects of the topic, but will as well go into depth and details.

ADVANCED
The presented topic is well-known to the audience, serious practical experience and a deep understanding are required. This talk will not cover basics of the topic, but will go into depth, might discuss details, compare different approaches, and so on.

ALL
The topic presented is of interest to all levels and does not require any special prior knowledge.

About

JUG Switzerland aims at promoting the application of Java technology in Switzerland.

JUG Switzerland facilitates the sharing of experience and information among its members. This is accomplished through workshops, seminars and conferences. JUG Switzerland supports and encourages the cooperation between commercial organizations and research institutions.

JUG Switzerland is funded through membership fees.

Contact

Java User Group Switzerland
8000 Zürich
info@jug.ch

© Java User Group Switzerland