Difference between revisions of "2011 11 16 Manchester"

From OWASP
Jump to: navigation, search
(Created page with "== Manchester Chapter meeting 2011 November 16th== This was the second [https://www.owasp.org/index.php/Manchester Manchester Chapter] meeting, and was once again very kindly...")
 
Line 12: Line 12:
  
 
'''Talk: Policy is the best honesty'''
 
'''Talk: Policy is the best honesty'''
 +
 +
'''Slides: '''
 +
* [[File:OWASP_Manchester_HonestyIsTheBestPolicy.pps]]
  
 
Technology is rapidly emerging and maturing to enable connectivity and interoperability of a panoply of devices. The right investment relies on addressing workable, realistic policies first.  
 
Technology is rapidly emerging and maturing to enable connectivity and interoperability of a panoply of devices. The right investment relies on addressing workable, realistic policies first.  

Revision as of 08:24, 15 December 2011

Manchester Chapter meeting 2011 November 16th

This was the second Manchester Chapter meeting, and was once again very kindly hosted by KPMG.


OWASP Chapter introduction. OWASP values and membership. Chapter information.

Simon Bennetts OWASP Manchester board member

Slides:

Talk: Policy is the best honesty

Slides:

Technology is rapidly emerging and maturing to enable connectivity and interoperability of a panoply of devices. The right investment relies on addressing workable, realistic policies first. Daniel will tell you about what NCC members are doing to allow staff to 'BYOD' and build pragmatic iPolicies.

Speaker: Dr Daniel Dresner, Head of Information Assurance Practice, National Computing Centre


Talk: Non-alphanumeric code in JavaScript and PHP

Understanding how to create non-alpha code leads to a deeper understanding on how the particular language works.

Gareth shall discuss the history of non-alpha JavaScript, the challenges and creativity behind it.

How can you decode:

$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")
[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};
$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+"")[$.__$])+((!$)+"")[$._$$]+($.__=$.$_[$.$$_])
+($.$=(!""+"")[$.__$])+($._=(!""+"")[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!""+"")[$._$$]+
$.__+$._+$.$+$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$+"\""+$.$_$_+(![]+"")[$._$_]+$.$$$_+"\\"+
$.__$+$.$$_+$._$_+$.__+"("+$.__$+")"+"\"")())(); 

Gareth will explain.

Gareth shall also cover how to create this in PHP and what techniques are involved.

Speaker: Gareth Heyes is an independent security researcher who specializes in browser and JavaScript research. He has authored many free online tools and sandboxes including Hackvertor and JSReg.