Today at the Claremont Resort in Berkeley California, I attended the Web 2.0 Security and Privacy workshop. It was was sponsored by IEEE, whom just finished their Symposium on Security and Privacy yesterday. The papers for the Web 2.0 Security and Privacy workshop are now available, and can be found on the program page. Presentations should be online soon.
Like the USENIX UPSEC and LEET workshops, most of the presentations came from academia. At least this time the crowd was more balanced. Of the fifty or so people that attended, about twenty were from universities, and the rest were from companies.
I enjoyed many of the talks, especially Collin Jackson and Adam Barth’s Beware of Finer-Grained Origins presentation, and of course Niels Provos’ All Your iFrames Are Point to Us keynote.
So were there any cool tools or resources announced at the workshop? I’m not sure about new releases, but there were a couple neat things.
- SafeBrowsing Diagnosis by Google – http://google.com/safebrowsing/diagnostic?site=[domain] – Very useful online tool for hooking into the Google’s malware database.
- SafeLock Firefox extension by Stanford Web Security Research – Useful tool to track origin contamination.
- ForceHTTPS Firefox extension by Stanford Web Security Research – Force secure connections so there is no origin contamination in the first place.
- Web Hypertext Application Technology Working Group (WHATWG) – Something like the W3C HTML working group. Some interesting technical bits on their blog and mailing list.