Completed
HTTP Strict Transport Security
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Chrome Security Secret Sauce
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Disclaimers
- 3 Chrome's Core Principles
- 4 Chrome Security Team
- 5 Browser Security?
- 6 Top Threats on the Web
- 7 Browser Exploits Malicious code that aims to achieve remote code execution on victim's computer by exploiting a security bug in the browser.
- 8 Counterthreat Step 1: Find and fix security bugs. Update users.
- 9 Find Bugs via Fuzzing
- 10 Pay for Bugs
- 11 Pay for Exploits
- 12 Fix Bugs, Update Users. Fast.
- 13 Defense in Depth
- 14 Process Sandboxing
- 15 Plugin Sandboxing
- 16 Plugin Blocking
- 17 Phishing & Malware Sites Get a user to visit or load a malicious website that either (a) phishes their personal data or (b) delivers some malicious payload leg malware .
- 18 Block Badness
- 19 Find Badness
- 20 Notify of Badness
- 21 Attacks to SSL Violate the security and privacy guarantees of SSL to steal user information
- 22 Gimme some SSL!
- 23 SSL Protocol Handshake
- 24 Man-in-the-Middle Attack
- 25 Certificate Pinning Chrome comes preloaded with the certificates it expects to see for Google-owned websites, and if it does not see one of those when it visits a Google owned website, it shows an er…
- 26 Certificate Pinning FTW!
- 27 HTTP Strict Transport Security
- 28 HSTS Whitelisted Services
- 29 Closing Thoughts Browser security matters. It should be a factor in choosing the software you use.
- 30 Questions? Complaints?