MozCampAsia2012/Schedule/desktopandmobile/Cost of security for addons

Title of Session (should also be the title of your Wiki page): Cost of security for addons

Facilitator(s): Gabor Krizsanits

Are you paid or volunteer staff?: Paid

Area of Contribution (Team Name): Jetpack

How are you currently involved with the community?: Bugzilla, sometimes meeting up with Hungarian members of the community

Location of Work (where do you reside?): Hungary

Talk Length (please choose between 30, 60, 90, 120 minutes): 30 (if the interactive part brings up enough topics then 60)

Summary: Security is crucial on the web, and addon development is not an exception. Unfortunately security does not come for free. Many addon developers have to learn the hard way by bumping into all kind of security limitations. Finding a workaround is often hard and it can be extremely confusing. I will go through some example cases we have encountered in the past which will help them recognize and analyze better these issues in the future. For this I will introduce some security wrappers and their limitations. Also their impact on the Addon sdk, and some typical use cases. Also would like to talk about some new features and recent changes of the Addon sdk. Finally measure the performance cost of the security layer in different scenarios.

How your session furthers the MozCamp Goals: As far as I know addon development is crucial in the Asian region. Security wrappers often cause confusion, and in many cases even filing a useful bug about a case is not trivial. I hope my talk will help addon developers to resolve this cases, or write a better bug report in the future.

Expected Outcome or Deliverable: In the end, I'd like the audience to bring up issues they encountered. We will either solve them together or open bugs for them.

Desired Audience Type or Skill-set: Addon developers, who at least implemented one addon in the past. Not necessary Jetpack addon.

Equipment Needs (Video projector already included): Nothing special.