Android is the leading mobile operating system. With its growing popularity and adoption, it is important to understand the security architecture of Android so developers can secure their data and also protect the privacy and confidentiality of their users. This session discusses the overall Android security architecture and talks about different security artifacts provided by Android.
For the last twelve years we've been giving conference talks and writing books about how to develop for the web in PHP. Over that time we've made a bunch of recommendations: some still hold true, and some things have changed quite a bit since 2000. We'll talk about how the landscape's changed, and how and when you should change the way you work.
(Cisco Security Research and Operations)
The use of Open Source Software in products or services can create numerous benefits; however, it simultaneously presents security challenges that are often overlooked. How do you learn of new vulnerabilities in OSS that you use? How do you effectively manage and track those issues? How do you disclose issues to your customers? This session will address these questions and many more.
Are you tired of null pointer exceptions, SQL injections, concurrency errors, mistaken equality tests, and other run-time errors? A compile-time tool named the Checker Framework has found hundreds of such errors in Java code. Come learn how you can use the tool to improve your own code. For those who don't use Java, we will explain the concept of pluggable type-checking that underlies the tool.