PyCon Pune 2018

PyCon Pune

The Complexity of Security

Submitted by heartsucker (@heartsucker) on Sep 14, 2017

Technical level: Advanced Status: Shortlisted


There’s often the misconception about security that it can be bolted on like the S that was add to HTTP to “magically” make we web secure, but the reality is that a secure web app needs to be designed as such from the ground up. Even so, extensive analysis and testing is required to be able to meet the minimum criteria of “not insecure.” This talk will be a case study on SecureDrop, a reasonably secure Python webapp, where we will discuss the threat model, design decisions, implementation, and testing of the application. These concepts will be generalized to other real world cases.


This talk will start by introducing SecureDrop, a Python web application that allows individuals to anonymously communicate with and leak documents to journalists. Next, we will briefly discuss the threat model used in dictating SecureDrop’s design by looking at attacker goals and assumed capabilities. We will then discuss the design of the application looking at both design successes and design failures as well as how these decisions were implemented. From there, we will touch on testing, both unit and functional, to ensure that the matches the design spec in our heads. Last, will map all of the above concepts back from SecureDrop-specific to more general uses cases.


Should be familiar with basic web security topics

Speaker bio

Heartsucker lives in Berlin and is a volunteer for the Freedom of the Press Foundation. He maintains SecureDrop, a number of small Rust crates, and some glorified bash scripts. At his day job, he’s a security engineer for an automotive software company.



{{ errorMsg }}

You need to be a participant to comment.

Login to leave a comment