How Cybercriminals Steal Money
March 13, 2010 by tax explained
Filed under video
Google Tech Talks June, 16 2008 ABSTRACT Attend this session and learn how you can prevent today’s most significant data security vulnerabilities—the kind that leave businesses open to fraud that ranges from capturing tens of millions of credit card numbers to stealing money from bank accounts to constructing next-generation botnets. We’ll review how cross-site request forgery, cross-site script inclusion and SQL injection attacks work and discuss their impact on Web 2.0, AJAX, mashup and social networking applications. We’ll present industry-wide statistics on security vulnerabilities, cover emerging security trends and discuss the current state of security education. Then we’ll tell you how to defend against security attacks and how to modify your software development process to achieve security, and we’ll recommend certification programs, books and organizations that can help you secure your applications. Speaker: Neil Daswani Neil Daswani has served in a variety of research , development, teaching, and managerial roles at Google, Stanford University , docomo USA Labs, Yodlee, and Bellcore (now Telcordia Technologies). While at Stanford, Neil cofounded the Stanford Center Professional Development (SCPD) Security Certification Program (proed.stanford.edu His areas of expertise include security, wireless data technology, and peer-to-peer systems. He has published extensively in these areas, frequently gives talks at industry and academic conferences, and has been granted …
i’ll leave comments anytime i want
@VFEntertainment123
NEVER LEAVE A COMMENT EVER AGAIN.. YOU LOST YOUR RIGHTS AFTER LEAVING A COMMENT THAT STUPID
This guy used to work for Google
I hope to god that he actually knows and understands more than he talks about here because this is just a load of shit. He doesn’t even explain the real uses of XRSF properly. Such as using XSS javascript to totally emulate user function onto another website.
Google RUNS the internet, they DO have the world’s fastest servers. The YouTube limit is 10 minutes, this is one hour…That’s because they have CONTROL, they OWN YouTube. And if they can upload an hour the same time it takes a 10 minute clip to upload, than they have the fastest servers.
google tech talks…. they are all that length….
@VFEntertainment123 wtf they dont have the worlds fastest servers
i guess this is youtube’s longest vid.. 55 minutes WTF
Hmm, intresting vidieo. Thanks for uploading.
22 minutes in and I’m sorry, but this is not a very good talk.
If you know a uservalue inserted into a query should contain an integer, convert it to an integer. No regex needed. Then he talks about converting a single quote to a double quote, when really it’s 2 single quotes.
Now he’s talking about doing everything in mod_security. This only works for in-house apps. If you distribute the app you won’t know how the server’s configured so you’ll have to do security inside the app.
This talk is misnamed. It should have been titled something like “Basic web vulnerabilities - SQL injection, XSRF, XSS, etc.” Same ol’ same ol’.
I was expecting something about electronic money laundering and was therefore disappointed.
o_O now i hate my credit cards even more
They are Google, they have the world’s fastest computers…
HOLY CRAP 55:Minutes! to upload wow i dont want to know how long? 10 minutes is my life! wow this might take a year for me to upload!
that guy is talking too f ast
watch this video to learn how to make thousands of dollars in Adsense WITHOUT having a website ..its free software .
youtube(dot)com/watch?v=PvYZtpCuk2A
Do I know that nerd?
i wouldent do this for anything in the world stealing all together is wrong i work my ass off to pay for anything and everything i have
annoying ass sand nigger
No shit.
And stuck in the early 90s I see.
haha yeah its so jam packed
i guess they had a good turn out… all the chairs all filled with lots of people
You Rock! The Awesome Mayor of awesometown, that’s who you are. We would like to make you a website, to show our love.
As long as you have DBMS, XSS will be possible
Any type of portable code (for commercial use) will always be hacked.
—-Moral of the story—– make your on scripts and Algorithmic Daemons
At the Google Tech Talk. Weren’t there like any convictions or reports of cybercrime? I mean if tech has no were to be but I mean this is serious for a reason. Stealing people’s money over the internet. That happened to a friend of mine. So why doesn’t google make an internet purchasing security application were in everybodies web browser let’s say I was on my current web browser google chrome you guys can make a reminder or a pop up so we can know that it is not a trusted buying site.
very bad