April 20 – 22, 2020 | London

Watching them watching us: Catching websites leaking sensitive data to third-parties!

This talk originates from the archive. To the CURRENT program
Until December 19th: ✓ Full Stack Day for free ✓ Save up to £515 ✓ Group discount Register now
Wednesday, October 23 2019
10:15 - 10:45
Forum 1

An organization with a primary digital product that lacks even basic data security practices is living in a Utopian world where people leave their safe open and never expect a burglar to walk in. With the advent of SaaS, companies are relying more on more on third-party services for CDNs, analytics, recommendations, loyalty, advertisements, email marketing, etc. But not so much effort is being put in ensuring what data is being shared with these third-parties. As an example: The URL is the most commonly tracked piece of information, the innocent choice to structure a URL based on page content can make it easier to learn a users’ browsing history, address, health information or more sensitive details. They contain sensitive information or can lead to a page that contains sensitive information. But just by adding a simple code snippet in our webpage, for analytics, fonts, etc is enough to leak sensitive data. This talk will focus on creating awareness among developers: How websites are leaking sensitive data with third-parties, how can we audit our apps, to detect such leaks and how we can prevent leaks of sensitive data to third-parties.





Best-Practises with Angular


One of the most famous frameworks of modern days

Web Development & Architecture

DevOps, Testing, Performance, Toolchain & SEO


All about Node.js


From Basic concepts to unidirectional data flows