Python 3000
Google engEDU
1 hr 7 min – 21-Jul-06

Google TechTalks
July 21, 2006

Guido van Rossum is a computer programmer who is best known as the author and Benevolent Dictator for Life of the Python programming language.

ABSTRACT
The next major version of Python, nicknamed Python 3000 (or more prosaically Python 3.0), has been anticipated for a long time. For years I have been collecting and exploring ideas that were too radical for Python 2.x, and it’s time to stop dreaming and start coding. In this talk I will present the community process that will be used to complete the specification for Python 3000, as well as some of the major changes to the language and the remaining challenges. Read the rest of this entry »

Developing JavaScript with Chickenfoot
Google engEDU
56 min – 25-Jul-06

Google TechTalks
July 25, 2006

Rob Miller
Michael Bolin

ABSTRACT
Chickenfoot is a Firefox extension that embeds a JavaScript programming environment in the browser’s sidebar. Unlike a JavaScript shell that simply supplies access to the DOM of a webpage, Chickenfoot provides users with a high-level API, making web scripting accessible to end-user programmers as well as hackers. In this talk we will present the design and implementation of Chickenfoot; in particular, our novel technique of using keyword patterns to identify page components. We will also demonstrate how to use Chickenfoot for debugging webapps and creating rapid prototypes. In fact, we’ll write a Firefox extension in under a minute, or your money back. Read the rest of this entry »

How To Break Web Software – A look at security vulnerabilities in web software
Google engEDU
1 hr 27 min – 13-Apr-06

Google TechTalks
April 13, 2006

Mike Andrews

Mike Andrews is a senior consultant who specializes in software security and leads the web application security assessments and Ultimate Web Hacking classes for Foundstone.

ABSTRACT
It all started out as a place to share physics documents, but has grown into potentially mankind’s largest and most complex creation. The World Wide Web is a lot of things – a soapbox for everyone, a giant shopping mall, an application platform, and unfortunately a hacker’s playground.

As more applications get "web-ified" moving from the desktop or legacy systems onto the web, attackers follow the vulnerabilities. Without sophisticated tools or "1337 5x1llz", web applications are now the most attacked technology, with the majority of attacks categorized as "easily exploitable".

So, before your application is placed out into one of the most hostile environments, how do you stop your software from being "0wn3d" by the 14 year old in their blacked-out bedroom, or being used by a Russian crime cartel?

In this TechTalk, Mike Andrews will look at how web applications are attacked, walk through a testing framework for evaluating the security of an application and take some deep-dives into a few interesting and common vulnerabilities and how they can be exploited. Read the rest of this entry »