Chris Heilmann & Daniel Cranney & Ramona Schwering
WeAreDevelopers LIVE - Chrome for Sale? Comet - the upcoming perplexity browser Stealing and leaking
#1about 3 minutes
The overlooked security risks of AI and LLMs
AI tools can introduce unintentional data exposure and security traps that developers often overlook.
#2about 8 minutes
Understanding the recent surge in software vulnerabilities
Over-trusting AI-generated code, like insecure regex patterns, contributes to a significant increase in actively exploited vulnerabilities.
#3about 5 minutes
The hidden security dangers of vibe coding
While democratizing access to code, vibe coding creates major risks through exposed API keys and a lack of understanding of underlying security principles.
#4about 7 minutes
Enhancing personal security with physical hardware keys
Physical security keys like YubiKey offer a robust hardware-based authentication method to protect critical accounts beyond traditional passwords and passkeys.
#5about 5 minutes
The growing threat of DDoS attacks and cloud monitoring
DDoS attacks are increasing dramatically, highlighting the need for services like Cloudflare and tools like Cloud Snitch to monitor and protect cloud infrastructure.
#6about 4 minutes
Navigating employee surveillance and company hardware policies
Using company hardware for personal projects can lead to intellectual property disputes, and employee surveillance tools raise significant trust and privacy issues.
#7about 3 minutes
Exploring specific web vulnerabilities and filtering issues
An examination of less common attack vectors like WebSocket hijacking and the unintended consequences of overzealous input filtering in web editors.
#8about 7 minutes
The potential sale of Chrome and its web implications
Google may be forced to sell Chrome due to monopoly concerns, raising questions about the future of the open web and user privacy under new ownership.
#9about 4 minutes
Customizing ChatGPT's verbose communication style
Users can employ specific prompts to counteract ChatGPT's overly positive and verbose "house style" for more direct and efficient interactions.
#10about 6 minutes
The authenticity problem with AI-generated content
The rise of AI-generated podcasts and social media voiceovers raises concerns about the loss of authenticity and human connection in digital media.
#11about 2 minutes
The irony of using a pirated font in anti-piracy ads
The iconic "You wouldn't steal a car" anti-piracy campaign from the DVD era was ironically created using a pirated font.
#12about 2 minutes
Final advice on security and responsible AI usage
Key takeaways include never blindly trusting LLM outputs and recognizing that implementing robust security is a necessity, not a choice.
Related jobs
Jobs that call for the skills explored in this talk.
Matching moments
06:02 MIN
Exploring the features of the Chrome AI APIs
Generate AI in the Browser with Chrome AI - Raymond Camden
17:41 MIN
Presenting live web scraping demos at a developer conference
Tech with Tim at WeAreDevelopers World Congress 2024
27:19 MIN
Key takeaways on IDE and developer tool security
You click, you lose: a practical look at VSCode's security
37:26 MIN
Q&A on Replay.io architecture, adoption, and CI/CD
Fighting test flakiness with time machines
21:28 MIN
How developers can prevent browser AI interference
Exploring the Future of Web AI with Google
09:25 MIN
Understanding the security risks of AI-generated code
WeAreDevelopers LIVE – Building on Algorand: Real Projects and Developer Tools
28:05 MIN
A developer's responsibility to build secure software
You can’t hack what you can’t see
15:24 MIN
Defining the future of the modern developer role
The Evolving Landscape of Application Development: Insights from Three Years of Research
Featured Partners
Related Videos
1:01:25WeAreDevelopers Live: Browser Extensions, Honey Scam, Jailbreaking LLMs and more
Chris Heilmann & Daniel Cranney
53:46WeAreDevelopers LIVE – AI vs the Web & AI in Browsers
Chris Heilmann, Daniel Cranney & Raymond Camden
47:53WeAreDevelopers LIVE: What's happening to React?, All-in-one editors, Fireships and Firebases & more
Chris Heilmann & Daniel Cranney & Tejas Kumar
1:01:03WeAreDevelopers LIVE - Is AI replacing developers?, Stopping bots, AI on device & more
Chris Heilmann & Daniel Cranney & Sebastian Gingter
1:01:44WeAreDevelopers LIVE: Scammer Payback with Python, Grok Goes Unhinged, The Future of Chromium and mo
Dan Cranney, Chris Heilmann & Brian Rountree
53:24WeAreDevelopers LIVE - Performance and AI?, Social Media decline, Developer Events and more
Chris Heilmann, Daniel Cranney & Harry Roberts
1:04:22WeAreDevelopers LIVE - Did AI or JS break the web?, Finding gems in the days of AI and One thing developers really need to know
Chris Heilmann, Daniel Cranney & Peter Cooper
47:35Panel discussion: Developing in an AI world - are we all demoted to reviewers? WeAreDevelopers WebDev & AI Day March2025
Laurie Voss, Rey Bango, Hannah Foxwell, Rizel Scarlett & Thomas Steiner
Related Articles
View all articles
From learning to earning
Jobs that call for the skills explored in this talk.
![Senior Software Engineer [TypeScript] (Prisma Postgres)](https://wearedevelopers.imgix.net/company/283ba9dbbab3649de02b9b49e6284fd9/cover/oKWz2s90Z218LE8pFthP.png?w=400&ar=3.55&fit=crop&crop=entropy&auto=compress,format)
Senior Software Engineer [TypeScript] (Prisma Postgres)
Prisma
Remote
Senior
Node.js
TypeScript
PostgreSQL
Senior Machine Learning Engineer (f/m/d)
MARKT-PILOT GmbH
Stuttgart, Germany
Remote
€75-90K
Senior
Python
Docker
Machine Learning
Full Stack Developer (all genders welcome)
ROSEN Technology and Research Center GmbH
Osnabrück, Germany
Senior
React
DevOps
Next.js
TypeScript
Cloud (AWS/Google/Azure)
JetBrains Web Developer Advocate (Developer Advocacy) New
JetBrains
Amsterdam, Netherlands
Java
Python
Kotlin
JavaScript
TypeScript
{"@context":"https://schema.org/","@type":"JobPosting","title":"Software Developer
Live Wire
Python
Unreal Engine
Frontend Developer - AI
Durlston Partners
Charing Cross, United Kingdom
€110-135K
Senior
REST
React
Vue.js
TypeScript