Chris Shiflett (May 20, 2009 at 05:00)
at php|tek 2009 (English - US)
Security is more than filtering input and escaping output (FIEO). It's more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn't even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception can be as important as reality, and meeting user expectations is a fundamental of good security. In this multifarious talk, I'll introduce some of what I have learned about cognitive psychology, exploring topics such as change blindness and ambient signifiers, and I'll show some real-world examples that demonstrate the profound impact human behavior can have on security.
Quicklink: http://joind.in/192
May 27, 2009, 15:07 by philbert
A memorable presentation that gave me things to take home with me.
Only recommendation would be to possibly have a summary side (or two) that quickly summarizes the concepts explained and the particular practices that the developer community should think about implementing.
Currently not open for comment.
May 24, 2009, 14:34 by Anonymous
Great session! Chris used daily events to inspire the crowd to look at security in a diferent way and to ponder new challenges with a "outside the box" attitude.