Security is more than filtering input and escaping output (FIEO), and it's more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn't even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception is as important as reality, and meeting user expectations is a fundamental of good security.
Join Boston PHP and O’Reilly Author Chris Shiflett as we take you through a fascinating talk on the human behavior and social aspect of security. We’ll explore topics such as change blindness and ambient signifiers, and we’ll show some real-world examples that demonstrate the profound impact human behavior can have on security. If your a designer, developer, human interaction designer, you won’t want to miss this talk.
About Chris Shiflett:
Chris is no stranger to Boston PHP as he’s given two talks with us before in 2005 on PHP Security Audit HowTo and in 2006 on Zend Framework . We are fortunate to have him come back.
Chris is a web craftsman from Brooklyn, NY, and a founding member of Analog , where he works with some of the most talented people making things he loves, like Mapalong and Brooklyn Beta .
He blogs at shiflett.org , and can be found as @shiflett on Twitter. In 2007, he started PHP Advent , an annual Advent calendar for the PHP community. Since 2009, he’s been part of Studiomates , a co-working studio in Brooklyn.
He has authored and co-authored a few books — most notably Essential PHP Security and HTTP Developer’s Handbook. He sometimes writes articles for publications like Smashing Magazine, where he also serves on the editorial panel.
He has a love for sharing ideas speaking at conferences — like Webstock, OSCON, South by Southwest, and the Future of Web Apps. He attends events like Foo Camp, Kiwi Foo Camp, and the Microsoft Web Dev Summit.
On PHP Security...
During our initial interview with Chris he made a profound statement about web security with languages. "Out of all the programming language communities out there, the PHP community understands security the most."