• Home

  • Schedule

  • Speakers

  • Registration

  • Call For Proposals

  • Our Sponsors

  • Financial Aid

  • FAQ

  • Blog

  • Contact Us

  •  

    Sponsors
    Screen Shot 2016-07-15 at 8.37.57 PM
    Screen Shot 2016-07-15 at 8.37.57 PM
    Bloomberg
    Bloomberg
    HERE_Logo_RGB (1)
    HERE_Logo_RGB (1)
    new-twitter-logo-150x150_edited
    new-twitter-logo-150x150_edited
    Yelp
    Yelp
    sentry
    sentry
    Google
    Google
    Google
    Twist Bioscience
    Twist Bioscience
    Screen Shot 2016-08-05 at 3.09.22 PM_edited
    Screen Shot 2016-08-05 at 3.09.22 PM_edited
    cloudera_logo
    cloudera_logo
    sauce-labs200x200
    sauce-labs200x200
    hired-logo
    hired-logo
    PSF
    PSF
    shippo
    shippo
    twilio
    twilio
    Minted
    Minted
    Paypal-logo-20141
    Paypal-logo-20141
    anaconda-logo
    anaconda-logo
    microsoft-logo
    microsoft-logo
    eventbrite
    eventbrite
    Show More
    PyBay Connect
    • Meetup_square
    • White Twitter Icon

    Subscribe to PyBay Updates

    TOP

    Ashwini Oruganti

    Bio

    Ashwini is a Software Engineer at Eventbrite, and an open source developer living in San Francisco. In the past, she has worked on a pure Python TLS implementation through the Stripe Open Source Retreat, an asynchronous event-driven networking framework - Twisted, and a PHP implementation in RPython called HippyVM. She also served as a Director of the Python Software Foundation last year.

    Aug 20 1:00p - 1:40p, Robertson 3
    Introduction to HTTPS: A Comedy of Errors

    Security, Intermediate

    ​

    Description 

    Given recent increases in hostile attacks on internet services and large scale surveillance operations by certain unnamed government organizations, security in our software is becoming ever more important. We'll give you an idea of how modern crypto works in web services and clients, look at some of the common flaws in these crypto implementations, and discuss recent developments in TLS.

    ​

    Abstract

    In this talk I'll explain what happens behind the scenes when we try to establish a secure connection to a web site.
    I'll cover the common security flaws in popular TLS implementations like OpenSSL, and show how these issues can be avoided if we have a well-designed TLS implementation in a high level language like Python.
    Finally, I'll demonstrate and discuss how the API design of OpenSSL leads to application bugs, and a lack of abstract secure defaults leads to insecure applications.

    ​

    • Meetup_square
    • Black Facebook Icon
    • Black Twitter Icon