@tyleryoungblood
Last active August 29, 2015 14:19
Notes for ConvergeSE 2015

#ConvergeSE 2015

Keynote Speaker 1 - Carl Smith

Keynote Speaker 2 - Samantha Toy (SamanthaToy.com)

  • Train traveler symbols (the secret symbols of travelers)
  • Postcards to my parents (postcardtomyparents.com)
  • Speaker came up with "Style Tyles"
  • OneRoom (online classroom)

Keynote Speaker 3

  • Collaborative estimating -- set up a Google spreadsheet and let the client help you come up with the estimated cost
  • book ("Flow") by mihaly cslk...

Keynote Speaker 4 - Booking.com

  • Honeypot field in a form? To catch spam bots?

Kill All Passwords (Jonathan LeBlanc @jcleblanc)

  • PayPal (Head of global developer advocacy)
  • Middle Earth dictionary attack ... (comic)
  • Usernames (who are you) and Passwords (verify you are who you are)
  • Security algorithms (MD5, SHA1 - 3, etc) are fast. We want something slow.
      • PBKDF2, bcrypt and scrypt are better (and slower, which is good because it slows down brute-force attacks)
      • Use "key stretching"
  • Other methods in addition to U/P
      • Location awareness (is this where the user normally tries to log in?)
      • Habit awareness (Target sending out baby goods coupons to a 14-year-old daughter because her shopping habits have changed)
          • Within buying 4-6 items a store can confirm you are who you are because of your buying patterns
      • Browser uniqueness (what browser, what plugins, what OS, etc.; 1 out of 50 people might have your same configuration)
      • Device fingerprinting (same as above, but using phone hardware information)
  • Variable levels of authentication -- letting a user do basic things on the site without logging in (or with a basic login) but requiring them to log in, or log in at a more secure level, before letting them change profile info or place an order.
  • Biometrics
      • Fingerprint
      • Vein recognition
      • Heart rate monitoring
      • Ingestible technology (ingestible sensors for glucose detection, blood pressure monitoring, etc)
      • Wearable sensors
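
The "fast hash vs. key stretching" point above, as an added example (not code from the talk or from these notes): PBKDF2 from Python's standard library with a per-password salt, a constant-time check, and a rehash test for when the work factor is raised. The record format, the `ALGO` label, the 600,000 iteration count and the sample password are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import os
import time

ALGO = "pbkdf2_sha256"   # label used in this example's record format (an assumption)
ITERATIONS = 600_000     # assumed work factor; tune to your hardware and login latency budget

def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algo$iterations$salt$derived_key."""
    salt = os.urandom(16)  # fresh random salt per password defeats precomputed tables
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    b64 = lambda raw: base64.b64encode(raw).decode()
    return f"{ALGO}${iterations}${b64(salt)}${b64(dk)}"

def verify_password(password: str, record: str) -> bool:
    """Re-derive the key with the stored salt and cost, then compare in constant time."""
    try:
        algo, iters, salt_b64, dk_b64 = record.split("$")
        if algo != ALGO:
            return False
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(dk_b64)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, int(iters))
    except (ValueError, OverflowError):  # wrong field count, bad base64, bad cost
        return False
    return hmac.compare_digest(candidate, expected)

def needs_rehash(record: str, iterations: int = ITERATIONS) -> bool:
    """True when a stored record is weaker than current policy; rehash at next login."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != ALGO or not parts[1].isdigit():
        return True
    return int(parts[1]) < iterations

def guess_cost(password: str, iterations: int = ITERATIONS) -> tuple[float, float]:
    """Seconds for one guess against a bare SHA-256 hash vs. the stretched hash."""
    start = time.perf_counter()
    hashlib.sha256(password.encode()).digest()
    fast = time.perf_counter() - start
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", password.encode(), b"constructed-salt", iterations)
    return fast, time.perf_counter() - start

if __name__ == "__main__":
    record = hash_password("correct horse battery staple")  # constructed sample password
    print(record, verify_password("wrong guess", record), guess_cost("x"))
```

Every guess in an offline brute-force run pays the `guess_cost` penalty, while a legitimate login pays it once.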