Loading…
Come join us for the first annual conference! We’ve hand selected a group of industry leaders to share their experiences in the lovely setting of Kailua Kona, HI.

Read more at:  https://locomocosec.com

Early bird tickets are for sale. Buy now! 

Training passes (which include a conference ticket) are also available. Buy now!

Looking to sponsor? See our sponsor package!
View analytic
Thursday, April 5 • 1:50pm - 2:30pm
XSS is dead. We just don't get it.

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
XSS is about twenty years old by now and appears to be alive and kicking. JavaScript alerts are still popping left and right and bug bounty programs are drowning in submissions.

But is XSS really still a problem of our time? Or is it just an undead foul-smelling zombie vulnerability from the dark ages of string concatenation that doesn't wanna perish because we are just too f**** stubborn?

This talk will be an hour-long rant (yes, swearwords, leave your kids at home), paired with a stroll through the history of XSS and related issues. We will go back into the year 1998 and see how it all started, how things developed, what we tried to do against it and how hard we failed every single time. We will also look at the future and predict what is about to happen next. Mostly nothing - but good to know, right?

We will not only look at our own failures but also see how the entire infrastructure and monetization of the web contributed to us being simply not capable or even just willing to fix XSS. And we might as well see if any of those behavioral and structural patterns can be compared to other human failures - and see if there is something we all can learn. Or, at least, agree that we knew it all along and are all on the same page.

Speakers
avatar for Dr.-Ing. Mario Heiderich

Dr.-Ing. Mario Heiderich

Founder, cure53.de
Buy your ticket today! | | Dr.-Ing. Mario Heiderich, handsome heart-breaker, bon-vivant and (as he loves to call himself) "security researcher" is from Berlin, likes everything between lesser- and greater-than and leads a small yet exquisite pen-test company. He commonly pesters... Read More →


Thursday April 5, 2018 1:50pm - 2:30pm

Attendees (1)