How To Write Secure JavaScript Applications

author Coding Tech   9 months ago

Thought you knew JavaScript security? Well, you don't. At least not as well as you thought you did. From CSRF to crypto, I'm going to teach you everything you absolutely must know to write secure JavaScript, web applications in particular, on both the frontend and backend. An emphasis will be put on teaching *practical* techniques and *best practices* that you can immediately take back to your company or organization and implement.

Among the topics we will cover is preventing common and not-so-common but still critical vulnerabilities in JavaScript code, including CSRF, command injection, improper password handling, broken authentication and authorization, bad cryptography, and more. We will also cover best practices for writing secure JavaScript code, on both the frontend and backend. From things like properly implementing user management schemes to topics as high-level as convincing your co-workers that security *does matter*, we will explore as much as possible in the time we have together.

Best of all, you *don't have to have security experience*! Come as you are, dive into the intertwined worlds of JavaScript and security, and learn how to write the most secure JavaScript and Node.js applications of your life.

EVENT: Nodevember 2016

SPEAKER: Jared Smith

PERMISSIONS: The original video was published on the Nodevember YouTube channel with the Creative Commons Attribution license (reuse allowed).

