Dr. Christoph Kerschbaumer
Manager, Security Engineering Mozilla
Towards a Secure and Privacy-Respecting Web
Friday, April 5th, 2024 10:00am
Luddy 2005
Abstract: The Hypertext Transfer Protocol, generally displayed as http in a browsers address-bar, is the fundamental protocol through which web browsers and websites communicate. However, data transferred by the regular http protocol is unprotected and transferred in cleartext, such that attackers are able to view, steal, or even tamper with the transmitted data. Carrying http over the Transport Layer Security (TLS) protocol, generally displayed as https in the address-bar of a browser, fixes this security shortcoming by creating a secure and encrypted connection between the browser and the website. Over the past few years we have witnessed tremendous progress towards migrating the web to rely on https instead of the outdated and insecure http protocol. Within this talk we will highlight initiatives from browser vendors as well as community efforts to accelerate the migration from http to https and explore additional privacy mechanisms within a web browser which eventually will provide a browsing experience we want: secure and privacy-respecting!
About the speaker: Christoph Kerschbaumer has over two decades of experience in software engineering and computer security. His work ranges from designing secure systems with fail safe defaults to fighting cross site scripting to preventing man-in-the-middle attacks. Currently he manages the Firefox Security Engineering team at Mozilla and is mentoring software engineers around the world. He received his PhD in Computer Science from the University of California, Irvine where he based his research on information flow tracking techniques within web browsers. Prior to being a graduate research scholar, he received a M.Sc. and B.Sc. in Computer Science from the Technical University Graz, Austria.
Website:https://christophkerschbaumer.com/
Zoom Link: https://iu.zoom.us/j/89165718571