English Español français rss
> Accueil > Programme > Systèmes et sécurité

LinuxFr.org : security oriented feedback on high traffic web site

Traduction(s) de cet article : français
Intervenant(s) :Benoit Sibaud, Bruno Michel
Type d'événement :Conférence
Date :Jeudi 9 juillet 2009
Horaire :09h00
Durée :40 minutes
Langue :Français
Lieu :Salle E123 - Isitem

Description : This talk will make a feedback on the LinuxFR.org website (an eleven years old website) from a security point of view.

LinuxFr.org as a high traffic web site which stores personal datas has a lot of experience in the security area : information leaking, XSS and CSRF breaches, random generation errors, social engineering against LinuxFr.org users and more.

We will disclose our security problems and the solutions we used because LinuxFr.org is a site by the free software community for the free software community. Security by obscurity is not the way we want to use, a way used by many gov or commercial sites.

This talk will not be very interesting for security experts but may be useful for security beginners or people having a web site and interested in its security.

Speakers : Benoit Sibaud et Bruno Michel.

Benoit Sibaud : engineer in a network R&D center. April.org president. LSM/RMLL organization member since 2005 (2009 Communities topic co-chairman).

Bruno Michel : web projects lead developper.

Portfolio

Documents joints

Document (PDF - 287.3 ko)