NodeJS: Remote Code Execution as a Service

Presented at Kiwicon X: The Truth is In Here (2016), Nov. 18, 2016, 3 p.m. (15 minutes)

It is a period of civil war. You, mighty MODERN JAVASCRIPT DEVELOPER (insane person) wield the power of cutting-edge hipster technologies on your NodeJS utility belt. With npm, you can swap-in other people's code^W^W^W any new hipster technology you want with a single command, ready to deploy to your production environment at a moment's notice. Sipping your salted-caramel spiced chai latte, you pleasantly think to yourself "It's so wonderful that NodeJS and npm are such great things, I couldn't possibly imagine a way in which they could ever go bad". You sit peacefully, knowing that everything in life is so serene and secure. In this talk, we crush your hopes and dreams of using NodeJS for anything in a safe way. We talk a little bit about trust, why you shouldn't have any, and restore freedom to the galaxy...


Presenters:

  • Jeff "Peabnuts123"
    Jeff "peabnuts123" is a Software Developer with a bit of an interest for security on the side. He has spent the last few years bashing his head against the wall in the modern javascript world, but also has irons in many fires not related to web development. Frequently starts projects on a whim. Generally speaks in superlatives. Ask him about Lua if you don't wish to speak about anything else for the rest of the night.

Links:

Similar Presentations: