24 Jul 2004

I'll be spending this week in Portland, Oregon at the O'Reilly Open Source Convention.

I'm giving a talk on the PHP track called Securing PHP Sessions that should be interesting. I'll be focusing on topics such as session fixation and session hijacking, and I'll demonstrate some methods to complicate these attacks and make your session mechanism a bit stronger.

I'm also giving a talk on the Security track called Foiling Cross-Site Attacks. I'll be discussing cross-site scripting and cross-site request forgeries. All examples are in PHP, although the talk is applicable to all Web developers.

Lastly, I'm teaching a tutorial, PHP Security. I have put a lot of work into preparing for this, and I think it's going to be a lot of fun. The workbook itself is 55 pages, and I plan to make a PDF of that available after I put my slides up.

I hope to see some of you there.