<

Jacek Królikowski

Creator of Rexbug and Hoplon, chronic optimiser

Jacek has been working full time with Elixir since 2016, building messaging products, payment networks, and open source projects. Before that he programmed for Microsoft and tried his luck in algorithms competitions. He loves simple yet powerful tools and interfaces that are hard to use wrong.

Upcoming conferences:

Jacek Królikowski
Code BEAM STO 2019

Trust issues: trouble in package paradise

This last year has seen attacks like the compromising of event-stream package in the JavaScript ecosystem. It clearly demonstrated that attackers injecting malicious code into libraries we use is not just a theoretical problem, but something that happens in practice.

We'll talk about how the new version of Hoplon helps mitigate this problem using public key cryptography and a simple trust model - all of that without the need for a trusted third party or abandoning the common package ecosystem.

OBJECTIVES

Describe the dangers of the standard way of using third-party packages.

Propose a simple solution to the problem that can be used by organisations and individuals alike.

TARGET AUDIENCE

Anyone working on Elixir applications that handle sensitive information.