Marcus Bointon

Marcus Bointon

I'm responsible for Smartmessages.net, support 1CRM in the UK, and pentest and write for Radically Open Security in the Netherlands. I'm the maintainer of PHPMailer (a top-10 PHP project on GitHub), participate in many other OSS projects, and spend too much time answering questions on Stack Overflow. I'm a Linux sysadmin, MySQL DBA, and security consultant. I've spoken at technical conferences in Europe and the US. I live in the French alps with my wife, kids, guitars, skis, and bikes.

Montreal 2018 sessions

Strong crypto for everyone - libsodium in PHP 7.2

English session - Intermediate

PHP 7.2 includes the libsodium cryptography library by default in the base language - the first time that a popular language has shipped with strong, modern crypto support as standard. Everyone can build secure apps without the risks of rolling your own crypto or using outdated libraries. So what's in libsodium? What kind of things can you do? What mistakes does it prevent you making? What risks remain?

Tales from the wrong end

English session - Beginner

I'm the maintainer of a very popular open-source PHP package - PHPMailer. In December 2016, two critical vulnerabilities were found in PHPMailer, affecting potentially millions of sites. I'd been involved in reporting minor security issues in the past, but nothing of this magnitude, and never at the receiving end. I found myself at the start of a steep learning curve and an emotional roller-coaster; a story of open source, CVEs, and people.