Security Centered Design

Chris Shiflett (May 20, 2009 at 05:00)
Talk at php|tek 2009 (English - US)

Rating: 5 of 5

Security is more than filtering input and escaping output (FIEO). It's more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn't even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception can be as important as reality, and meeting user expectations is a fundamental of good security. In this multifarious talk, I'll introduce some of what I have learned about cognitive psychology, exploring topics such as change blindness and ambient signifiers, and I'll show some real-world examples that demonstrate the profound impact human behavior can have on security.

 

Comments

Rating: 5 of 5

May 24, 2009, 14:34 by Anonymous

Great session! Chris used daily events to inspire the crowd to look at security in a different way and to ponder new challenges with an "outside the box" attitude.

Rating: 5 of 5

May 27, 2009, 15:07 by philbert

A memorable presentation that gave me things to take home with me.

Only recommendation would be to possibly have a summary slide (or two) that quickly summarizes the concepts explained and the particular practices that the developer community should think about implementing.
