How To Write Secure JavaScript Applications

author Coding Tech   9 months ago

Thought you knew JavaScript security? Well, you don't. At least not as well as you thought you did. From CSRF to crypto, I'm going to teach you everything you absolutely must know to write secure JavaScript, web applications in particular, both front and backend. An emphasis will be put on teaching *practical* techniques and *best practices* that you can immediately go back to your company or organization and implement.

Among the topics we will cover are preventing common and not-so-common but still critical vulnerabilities in JavaScript code, ranging from CSRF, command injection, improper password handling, broken authentication and authorization, bad cryptography, and more. We will also cover the best practices when attempting to write secure JavaScript code, on both the front and backend. From things like properly implementing user management schemes to as high-level as convincing your co-workers that security *does matter*, we will explore as much as possible in the time we have together.

Best of all, you *don't have to have security experience*! Come as you are and dive into the intertwined worlds of JavaScript and security and learn how to write the most secure JavaScript and Node.js applications of your life.

EVENT: Nodevember 2016

SPEAKER: Jared Smith

PERMISSIONS: The original video was published on the Nodevember YouTube channel with the Creative Commons Attribution license (reuse allowed).

ORIGINAL SOURCE: https://www.youtube.com/watch?v=POmnL-PruAs&t=4s
