HTML5 - Security Risks and Tools in Modern Web Applications
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the security implications of HTML5 in this 51-minute conference talk by Johannes Ullrich, presented by the OWASP Foundation. Delve into the new subsystems introduced by HTML5 and their impact on web application security. Learn how features like client-side data storage and hardware sensor access can enhance session tracking and improve authentication. Examine code samples and demonstrations that highlight both positive and negative security effects. Cover topics including mobile applications, multifactor authentication, Flash cookies, surf crosstalk risks, Opera Mini, canvas fingerprinting, geolocation, face recognition, accelerometer usage, popup notifications, and cryptography. Gain insights from Ullrich's extensive experience as a research physicist and web developer, and discover how HTML5 can be leveraged as a hidden security tool chest.
Syllabus
Introduction
What is HTML5
Mobile applications
Authentication
Multifactor
Flash Cookies
Surf Crosstalk
Risks
Opera Mini
Canvas
Interactive Login
Connect Dots
Android Pattern
Demo
Canvas Support
Mobile Devices
Geolocation
Browser fingerprinting
Face recognition
Face detection API
Supported devices
Accelerometer
Popup notifications
Crypto
How it works
Summary
Taught by
OWASP Foundation
Related Courses
Web-Engineering I: Grundlagen der Web-Entwicklungiversity Web Engineering II: Developing Mobile HTML5 Apps
Technische Hochschule Mittelhessen via iversity Desarrollo de Aplicaciones en HTML5 y para Dispositivos Móviles Firefox O.S.
Miríadax Web Engineering III: Quality Assurance
Technische Hochschule Mittelhessen via iversity Information and Communication Technology (ICT) Accessibility
Georgia Institute of Technology via Coursera