Now you can trust the browser.

Ben Gidley, Tim Charman

Developers are taught to 'never trust the browser' to execute their client-side JavaScript. The inability for a developer to trust a browser has far reaching implications from not trusting client-side validation, to never being really sure the TLS connection doesn't have a man-in-the-middle. Software security such as white-box cryptography & obfuscation have been used in native environments for many years, but these techniques are hard in JS. We'll explain how these techniques can now be applied to JS code running in a web browser to secure it from MITM attacks.

Language: English

Level: Intermediate