James Roper, Java developer, Atlassian
Biography: James Roper
James found breaking into behind-the-firewall systems at a manufacturing plant too easy when he started his career, so he moved to Atlassian where he could challenge himself in finding vulnerabilities in web-facing systems. When he's not causing strife, he's a Java developer working on Atlassian's hosted systems, and has a keen interest in open social web standards.
Software passion: Breaking not just software, but common software practices and understandings, and making them stronger as a result.
Twitter name: @jroper
Company blog: http://blogs.atlassian.com/developer/jroper/
Personal blog: http://jazzy.id.au
Other information/projects: James is a committer for Pebble and the Maven CLI plugin.
Presentation: "Predictably Random"
Random numbers are secure as long as you choose a good seed, right? This was my assumption until I actually did some reading on the topic. I found that many web developers know very little about pseudo-random number generation, and in a security context, this can prove deadly. I'm going to show how simple it is, with almost no maths, to break into a system that is using random numbers badly. I'll follow this up with advice on how to safely generate secure random tokens on any platform.
Keywords: Security, code reviews, random numbers, hacking
Target audience: Any web developers who find the maths behind cryptography and pseudo-random number generation scary, and anyone who is interested in delivering secure web applications.