CppCon 2018 has ended
Back To Schedule
Tuesday, September 25 • 15:15 - 15:45
Make It Fixable: Preparing for Security Vulnerability Reports

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

From experience we have learned that almost any surface we expose could have weaknesses. We have to have a plan on how to deal with issues as they arise, and an architecture that allows us to correct and protect in products that are already in use. When security is lifted up to the discretion of the user, however, we often fail to inform their decision properly. The usability of security and the architecture of fixability are closely connected, and both need continued refinement and focus. This talk will describe architectural and organizational features that make it easier to make corrective measures. They are down-to-earth everyday scenarios, illustrated by real world software projects and security incidents. Some of the stories are well known, some are anonymized to protect the innocent. Finally we will show examples of how difficult it is to design the user experience of security.

avatar for Patricia Aas

Patricia Aas

Programmer, TurtleSec
Patricia has been programming C++ professionally for 13 years, she started out working on the Opera desktop browser and has looped back to browser making in the recent years, now working on the Vivaldi browser with many ex-opera colleagues. While away from the browser world she did... Read More →

Tuesday September 25, 2018 15:15 - 15:45 PDT
Steamboat (403)
  • Secure Programming