The linked page is okay for general information about the conference, but really poor for finding videos you might care about. You're forced to click through every speaker to see an embedded video and description of the talk. Much better for the video is to browse the youtube playlist [0], but this loses the specific information about the talk. Bummer.
Edit: Okay, so if you scroll up from where the submission links (#speakers), there is a link to watch the videos [1]. I did look at the entire page first, but missed the link because its target is a picture of a monitor.
Edit 2: So the video JS Bringing Crypto To The Masses caught my eye, and I spent the last remaining minutes of my lunch hour giving it a watch. The first 17 minutes and 45 seconds are about cryptography in general, and I won't make any judgement on this part. The last 6 minutes are left to talk about JavaScript, except not really. I admit the majority of my interest in this video was to see if the problems with doing cryptography in JavaScript were going to be responded to. The problems are not ignored, as the presenter immediately brings up the requisite matasano article [2]. Then he makes some vague claim that doesn't respond to the problems mentioned in the article. The majority of his time was spent on this:
His claim: Matasano is worried about a man in the middle attack and thinks that SSL is good enough.
His response: "I call bullshit. SSL is protection from other people on the wire. Cryptography is protection for you on the wire. Why should you trust me to store your data without reading it?"
This completely ignores the major issue of the execution environment with JavaScript cryptography. He actually does briefly mention these issues before making the point above, but offers no response. So, there is really no content in the talk about "bringing crypto to the masses." Disappointing.
I attended this conference and spoke with the presenter about his talk both before and after. My takeaway was that the presenter was trying to accomplish one thing: educate front-end developers who (rightly or not) have been characterized as unfamiliar or ignorant of cryptographic techniques with a survey of those techniques. I believe this was the sense "Bringing Crypto To The Masses" was meant.
I appreciated the energy and enthusiasm the speaker had for the subject matter and would be delighted if any of that transferred into his audience, but I don't feel it was effectively communicated. In the time constraints presented, even something as simple as, say, discussing what cryptographic hashing (or symmetric crypto or public key crypto or digital signing, take your pick) was and doing a deep dive only in this domain would have been a valuable experience and opened a lot of eyes. I'm fairly familiar with all the topics discussed during this talk and I had a difficult time following along with it. I can't imagine what the experience of the intended audience was or what they managed to glean from it.
If you're developing web apps using JavaScript, especially Angular or Backbone, I'd ask you to take 25 minutes to watch it and understand how important URLs are to the web, and how many JS developers currently treat them as an afterthought.
I work on Ember.js and lots of my thinking stems from that. Even if you don't use Ember, though, you can take these ideas back to your particular JS ecosystem. It's obvious to me that JavaScript is the future of the web, so we need to make sure we're doing our part to be good web citizens.
I went to this conference, and have to say it was an awesome experience. The format was casual yet organized, the speakers were knowledgeable, and the topics relevant.
6 comments
[ 3.3 ms ] story [ 19.9 ms ] thread[0] https://www.youtube.com/playlist?list=PLLiioAbFTbKP9CxF9Fu4_...
Edit: Okay, so if you scroll up from where the submission links (#speakers), there is a link to watch the videos [1]. I did look at the entire page first, but missed the link because its target is a picture of a monitor.
[1] http://2013.cascadiajs.com/videos
Edit 2: So the video JS Bringing Crypto To The Masses caught my eye, and I spent the last remaining minutes of my lunch hour giving it a watch. The first 17 minutes and 45 seconds are about cryptography in general, and I won't make any judgement on this part. The last 6 minutes are left to talk about JavaScript, except not really. I admit the majority of my interest in this video was to see if the problems with doing cryptography in JavaScript were going to be responded to. The problems are not ignored, as the presenter immediately brings up the requisite matasano article [2]. Then he makes some vague claim that doesn't respond to the problems mentioned in the article. The majority of his time was spent on this:
His claim: Matasano is worried about a man in the middle attack and thinks that SSL is good enough.
His response: "I call bullshit. SSL is protection from other people on the wire. Cryptography is protection for you on the wire. Why should you trust me to store your data without reading it?"
This completely ignores the major issue of the execution environment with JavaScript cryptography. He actually does briefly mention these issues before making the point above, but offers no response. So, there is really no content in the talk about "bringing crypto to the masses." Disappointing.
[2] http://www.matasano.com/articles/javascript-cryptography/
I appreciated the energy and enthusiasm the speaker had for the subject matter and would be delighted if any of that transferred into his audience, but I don't feel it was effectively communicated. In the time constraints presented, even something as simple as, say, discussing what cryptographic hashing (or symmetric crypto or public key crypto or digital signing, take your pick) was and doing a deep dive only in this domain would have been a valuable experience and opened a lot of eyes. I'm fairly familiar with all the topics discussed during this talk and I had a difficult time following along with it. I can't imagine what the experience of the intended audience was or what they managed to glean from it.
http://m.youtube.com/watch?feature=plpp&p=PLLiioAbFTbKP9CxF9...
If you're developing web apps using JavaScript, especially Angular or Backbone, I'd ask you to take 25 minutes to watch it and understand how important URLs are to the web, and how many JS developers currently treat them as an afterthought.
I work on Ember.js and lots of my thinking stems from that. Even if you don't use Ember, though, you can take these ideas back to your particular JS ecosystem. It's obvious to me that JavaScript is the future of the web, so we need to make sure we're doing our part to be good web citizens.
I'd definitely go back.
List of speakers = http://2013.cascadiajs.com/#speakers
List of talks/videos = http://2013.cascadiajs.com/videos
List of proposed talks (for the curious) = https://github.com/cascadiajs/2013.cascadiajs.com/tree/maste...