Tech Talk with Emily Stark

6:30pm-9:00pm

Web security in Meteor

Modern applications written in JavaScript are vulnerable to many of the same attacks, like XSS and CSRF, that threaten traditional web apps. But defending against them requires new tools and techniques. This talk will describe some of the security conventions and tools we're developing in Meteor, a full-stack JavaScript framework.

About Emily Stark:

Emily's research contributions span several topics in security and cryptography. As an undergraduate at Stanford, Emily coauthored SJCL, a JavaScript public- and private-key cryptography library that is highly optimized for speed and code size. She also developed a method for prefetching TLS certificates to enable zero-round-trip handshakes. As a graduate student at MIT, she researched techniques to automatically partition applications into trusted and untrusted environments, and explored the use of client-side cryptography to keep user data secret from the web server in an application framework.