I have two years of professional experience in automated software testing at Nokia in Kraków. I am still student of ICT at the AGH University of Science and Technology. I organized the Test Dive 2018 conference in Krakow and coordinate many other projects. I am also interested in project management. I have my place in Google’s Hall of Fame – beneficiary of the Google Vulnerability program.
How to accidentally earn 5k $? Authentication bypass in Google Docs.
I would like to show you which mistakes in architecture or implementation led to bug allowing you bypass authentication in Google Docs app easily. I will show you a step-by-step case study how I found the bug in Google Forms. I will also share examples of similar bugs in other applications. You will learn how important might be decision made during design process and what can lead to serious incidents. I will also tell you how the report process looks like and where you can report a bug by yourself.
Język prezentacji (Presentation language): English
Poziom słuchaczy (attendee level): wszyscy (all)