edwardmccaughan wants to give this talk
live demos of common security hacks
Demonstration of SQL injection, XSS, CSRF, cookie stealing etc. against a deliberately insecure Rails app.
I can do it in August, September or October.
Current code is at https://github.com/edwardmccaughan/unsecuring_rails and suggestions for hacks to try, or pull requests for your own hacks, are very welcome!