PHP security guy
Chris Shiflett is web developer from Brooklyn, NY, and a founding member of Analog, a web design and development co-operative.
He has authored and co-authored a few books — most notably Essential PHP Security and HTTP Developer’s Handbook — and written articles for publications like Smashing Magazine, where he serves on the editorial panel.
When not in front of a computer, Chris can usually be found playing soccer in Prospect Park or riding his single-speed bicycle around Brooklyn.
Security is more than filtering input and escaping output (FIEO), and it's more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn't even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception is as important as reality, and meeting user expectations is a fundamental of good security. In this multifarious talk, I'll explore topics such as change blindness and ambient signifiers, and I'll show some real-world examples that demonstrate the profound impact human behavior can have on security.