Trust issues: trouble in package paradise

This last year has seen attacks like the compromising of event-stream package in the JavaScript ecosystem. It clearly demonstrated that attackers injecting malicious code into libraries we use is not just a theoretical problem, but something that happens in practice.

We'll talk about how the new version of Hoplon helps mitigate this problem using public key cryptography and a simple trust model - all of that without the need for a trusted third party or abandoning the common package ecosystem.

OBJECTIVES

Describe the dangers of the standard way of using third-party packages.

Propose a simple solution to the problem that can be used by organisations and individuals alike.

TARGET AUDIENCE

Anyone working on Elixir applications that handle sensitive information.

Upcoming conferences

Start booking your calendar with more Code Sync conferences happening across the globe. We will be slowly releasing more dates, in the meantime here is what we’ve planned already:

All conferences