Functioning as Designed: Hacking Software Without Special Exploits
The two meanings of "functioning as designed":
Disavowal of Responsibility
Recognition of Unintended Consequences
Major sections of the talk:
Background: Trends in General Security Thought
Application Security: Challenges in Applying these "Best Practices"
Inherent Risks: Systems Undermined by their Own Features
Example Attacks... Or Are They?
Wise Lessons: How Can We Do Better?
Major sections not in the talk:
Rehash/how-to of CSS or SQL injection
Unwholesome focus on a single architecture or technique
Specific tips for how to avoid common errors
Enjoyable questions, and maybe even some answers
This page is maintained by Foofus.
Send comments or questions to foofus@foofus.net.