BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Protecting your website from hackers - Ben Mathews\, Facebook
DTSTART:20130115T161500Z
DTEND:20130115T171500Z
UID:TALK41602@talks.cam.ac.uk
CONTACT:Laurent Simon
DESCRIPTION:I will give a modified version of the talk we give our new eng
 ineers on how not to write security holes.\nThis may be a little bit close
 r to Zend's talk.  I will talk more openly about some of our solutions to 
 a variety of web security issues where an outside hacker is typically tryi
 ng to get control of your website.  Among other things\, I will cover:\n	a
 .	XSS:  XHP\; Alternatives to innerHTML in JavaScript\; Automatic detectio
 n of XSS holes.\n	b.	SQL injection: Our abstracted graph data store (which
  avoids the need for SQL)\; printf()-style SQL functions\n	c.	URL injectio
 n: Our URI class for building URLs\n	d.	Shell injection: Our printf()-styl
 e functions for running shell commands\n	e.	CSRF: Generating CSRF tokens
  and checking them automatically on all POST requests\;  The importance of
  a good crypto library\n	f.	Brute-force attacks: Also the importance of a 
 good crypto library.
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR
