In this talk we will demonstrate and unveil the latest developments on browser-based side channel attacks including state-of-the-art mechanisms to compromise confidentiality on SSL, perform login and history detection, successfully serve mixed content, embedded data URIs, compression, cache and timing side channels. This is a practical presentation with live demos aiming to push the limits of what is possible with today’s web clients.

Bio: Angelo Prado is a Senior Product Security Manager at Salesforce.com. He has worked as a software and security engineer for Microsoft and Motorola. Angelo has been involved with the security community for over 8 years, speaking at Black Hat USA, Hacker Halted, ToorCon, SecTor and GSICKMinds. Angelo is a Computer Science alumni from Universidad Pontificia Comillas, Madrid and has also attended University of Illinois at Urbana-Champaign. His passions & research include web application security, windows security, browsers, machine learning, malware analysis and Spanish Jamón.

Back to TakeDownCon Rocket City 2014 video list