Black Friday 2024: 25+ Ways to Save on Online Learning

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Chrome Security Secret Sauce

Strange Loop Conference via YouTube

Start learning Write review

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Grab it
Explore Chrome's security features and strategies in this 41-minute conference talk from Strange Loop 2013. Dive into the browser's core principles of speed, simplicity, and security as Google's "Security Princess" Parisa Tabriz discusses current online threats and Chrome's protective measures. Learn about the Chrome security team's philosophies, successes, and ongoing challenges in browser security. Discover how Chrome tackles top web threats, including browser exploits, phishing, malware, and SSL attacks. Gain insights into Chrome's multi-layered defense approach, featuring process sandboxing, plugin management, and certificate pinning. Understand the importance of browser security in today's digital landscape and how it should influence your software choices.

Syllabus

Intro
Disclaimers
Chrome's Core Principles
Chrome Security Team
Browser Security?
Top Threats on the Web
Browser Exploits Malicious code that aims to achieve remote code execution on victim's computer by exploiting a security bug in the browser.
Counterthreat Step 1: Find and fix security bugs. Update users.
Find Bugs via Fuzzing
Pay for Bugs
Pay for Exploits
Fix Bugs, Update Users. Fast.
Defense in Depth
Process Sandboxing
Plugin Sandboxing
Plugin Blocking
Phishing & Malware Sites Get a user to visit or load a malicious website that either (a) phishes their personal data or (b) delivers some malicious payload leg malware .
Block Badness
Find Badness
Notify of Badness
Attacks to SSL Violate the security and privacy guarantees of SSL to steal user information
Gimme some SSL!
SSL Protocol Handshake
Man-in-the-Middle Attack
Certificate Pinning Chrome comes preloaded with the certificates it expects to see for Google-owned websites, and if it does not see one of those when it visits a Google owned website, it shows an error page to the user and will not let the user continue.
Certificate Pinning FTW!
HTTP Strict Transport Security
HSTS Whitelisted Services
Closing Thoughts Browser security matters. It should be a factor in choosing the software you use.
Questions? Complaints?

Taught by

Strange Loop Conference

Tags

Reviews

Start your review of Chrome Security Secret Sauce

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.