by Colin Lee
Everything in software is broken.
Breaches happen everyday. We get so many offers of free credit monitoring from companies that lost every bit of our data to the dark web that it makes no sense to buy any.
In the past few months, every certificate check on Windows was broken. Every VPN on non-Windows was broken. Every app and service seems to be breaking all of the time.
I’ll give a crash course in the best ways to not crash your apps with remote code execution.
Security is not magic. Hackers don’t break your code like it appears in the movies. You can be a respected expert who other engineers come to for security advice. But it all starts with simple steps that any developer can perform.
Modem languages offer more safety if you know how to use it. If you’re not aware of the ways in which programs break, you may not know which patterns to use and which to avoid. Not knowing what to look for, you could be allowing critical, zero-day security flaws to pass through your code reviews without even a warning.
We will examine well-known security exploits, how code broke, and how coding with style can help you avoid these problems
Colin is an experienced software engineer specializing in Android development. He worked for Mozilla on the Firefox Preview Android browser revamp. He has worked for many successful companies in the past fifteen years, including Amazon, Flipgrid (acquired by Microsoft), Cray, Pearson VUE, and When I Work. He runs the Twin Cities Kotlin User Group in his spare time.
Colin has a strong background in infosec as both a former Amazon security certifier and as a security expert on the Android team at Mozilla.
He has been programming since he learned BASIC on the TRS-80 computer in his parents' basement at age six. He has been writing Android apps since the first Android phone launched and has done so professionally for around seven or eight years.
Does this session sound interesting? You may also like these:
This will add your name to the list of interested participants. It will help us gauge interest for scheduling purposes.