Burning the Garden Wall: Usable Content Security for the Web*
Want to build secure and powerful applications inside your favorite web communities? Learn about application-injection, a new augmented browsing method built into the Privly application stack.
The browser extension Greasemonkey supports thousands of scripts that alter the web browsing experience. With Privly, we extended Greasemonkey’s augmented browsing from simple scripts, to application injection, meaning that we inject full applications into the host page.
Privly allows you to:
- Build applications spanning social networks, web mail, and forums.
- Interact with applications on websites (Facebook, Twitter, etc) without allowing them to access the content. Privacy and security are built into the stack.
- Provide for fault-tolerance in instances where the user does not have the extension installed.
- Build APIs spanning the user accounts of multiple online service providers.
This talk will focus on the issues and solutions surrounding injecting applications into web sites, including:
- Methods of application injection.
- Usability in no-boundaries ecosystems.
- Security solutions for spoofing, clickjacking, message passing, tracking, DDOS, and phishing.
* Oregon State University Linux Users Group: Spring 2012, Winter 2013
* Open Source Bridge: 2012, Hacks Track, “How to Encrypt Your Content on Any Website”
* Speaking example video: http://vimeo.com/38477052
* Various Research Presentations at Oregon State University
* Beaver Bar Camps, Fall 2012, Spring 2012
* Speaking example video (still under development): https://dev.privly.org/impress-video/demos/PrivlyOutline.html
Oregon State University
Sean is a Ph.D. candidate in Machine Learning at Oregon State University, and leads the development of Privly outside his research in reinforcement learning. He has been experimenting with web privacy concepts since 2009. In addition to the Privly project, Sean has developed numerous commercial or FOSS projects, including a wildlife observation system (iNaturalist.org), a healthcare eligibility portal, and a 100 year forest growth and fire simulator.