February 26-28, 2014
Montreal, Canada
Hacking with Gems
What's the worst that could happen if your app has a dependency on a malicious gem? How easy would it be to write a gem that could compromise a box?
Much of the Ruby community blindly trusts our gems. This talk will make you second guess that trust. It will also show you what malicious gems can do, how an attack could be executed, how to vet gems, and what the Ruby community can do to increase security around gems.
Much of the Ruby community blindly trusts our gems. This talk will make you second guess that trust. It will also show you what malicious gems can do, how an attack could be executed, how to vet gems, and what the Ruby community can do to increase security around gems.
Benjamin Smith
Pivotal Labs
Benjamin Smith is a developer at Pivotal Labs. He has a strong passion for TDD, pairing, Agile and using technologies that get out of the programmer's way. When not writing code, he follows his other passions into the outdoors to rock climb, back country snowboard, and surf.
Montreal 2014 sponsored by
