Chris Heilmann & Daniel Cranney & Ramona Schwering

WeAreDevelopers LIVE - Chrome for Sale? Comet - the upcoming perplexity browser Stealing and leaking

Never trust the LLM. Treat AI-generated code like a junior developer's pull request to prevent introducing massive security vulnerabilities.

WeAreDevelopers LIVE - Chrome for Sale? Comet - the upcoming perplexity browser Stealing and leaking
#1about 3 minutes

The overlooked security risks of AI and LLMs

AI tools can introduce unintentional data exposure and security traps that developers often overlook.

#2about 8 minutes

Understanding the recent surge in software vulnerabilities

Over-trusting AI-generated code, like insecure regex patterns, contributes to a significant increase in actively exploited vulnerabilities.

#3about 5 minutes

The hidden security dangers of vibe coding

While democratizing access to code, vibe coding creates major risks through exposed API keys and a lack of understanding of underlying security principles.

#4about 7 minutes

Enhancing personal security with physical hardware keys

Physical security keys like YubiKey offer a robust hardware-based authentication method to protect critical accounts beyond traditional passwords and passkeys.

#5about 5 minutes

The growing threat of DDoS attacks and cloud monitoring

DDoS attacks are increasing dramatically, highlighting the need for services like Cloudflare and tools like Cloud Snitch to monitor and protect cloud infrastructure.

#6about 4 minutes

Navigating employee surveillance and company hardware policies

Using company hardware for personal projects can lead to intellectual property disputes, and employee surveillance tools raise significant trust and privacy issues.

#7about 3 minutes

Exploring specific web vulnerabilities and filtering issues

An examination of less common attack vectors like WebSocket hijacking and the unintended consequences of overzealous input filtering in web editors.

#8about 7 minutes

The potential sale of Chrome and its web implications

Google may be forced to sell Chrome due to monopoly concerns, raising questions about the future of the open web and user privacy under new ownership.

#9about 4 minutes

Customizing ChatGPT's verbose communication style

Users can employ specific prompts to counteract ChatGPT's overly positive and verbose "house style" for more direct and efficient interactions.

#10about 6 minutes

The authenticity problem with AI-generated content

The rise of AI-generated podcasts and social media voiceovers raises concerns about the loss of authenticity and human connection in digital media.

#11about 2 minutes

The irony of using a pirated font in anti-piracy ads

The iconic "You wouldn't steal a car" anti-piracy campaign from the DVD era was ironically created using a pirated font.

#12about 2 minutes

Final advice on security and responsible AI usage

Key takeaways include never blindly trusting LLM outputs and recognizing that implementing robust security is a necessity, not a choice.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Web security news and strange AI behaviors
09:53 MIN

Web security news and strange AI behaviors

WeAreDevelopers LIVE - Modern DevOps for IoT Devices and More

Exploring recent AI incidents and creative developer hacks
06:44 MIN

Exploring recent AI incidents and creative developer hacks

WeAreDevelopers LIVE - SpeculAItions

Guessing the reality of security and data-related tech headlines
02:18 MIN

Guessing the reality of security and data-related tech headlines

SVG Favicons Boost SEO, Flying Cars in 2027, and AI Destroys Production Data - Sylwia Laskowska

A roundup of recent web development and tech news
21:29 MIN

A roundup of recent web development and tech news

WeAreDevelopers LIVE - Yes, CSS Can Do That!

Understanding AI security risks for developers
03:35 MIN

Understanding AI security risks for developers

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Discussing modern web development news and trends
12:31 MIN

Discussing modern web development news and trends

WeAreDevelopers LIVE - GraalVM in action, Static Analysis insights and more

Navigating security risks when creating developer content
05:12 MIN

Navigating security risks when creating developer content

WeAreDevelopers LIVE - Should We Respect LLMs? Is Rust Taking Over? Developers as Content Creators and more

Analyzing recent NPM attacks and browser market shifts
12:26 MIN

Analyzing recent NPM attacks and browser market shifts

WeAreDevelopers LIVE - "Fun and games - and all that comes with it", Back to BASIC & more

Featured Partners

Related Videos

See all videos
WeAreDevelopers LIVE – AI vs the Web & AI in Browsers
53:46

WeAreDevelopers LIVE – AI vs the Web & AI in Browsers

Chris Heilmann, Daniel Cranney & Raymond Camden

WeAreDevelopers Live: Browser Extensions, Honey Scam, Jailbreaking LLMs and more
1:01:25

WeAreDevelopers Live: Browser Extensions, Honey Scam, Jailbreaking LLMs and more

Chris Heilmann & Daniel Cranney

WeAreDevelopers LIVE: What's happening to React?, All-in-one editors, Fireships and Firebases & more
47:53

WeAreDevelopers LIVE: What's happening to React?, All-in-one editors, Fireships and Firebases & more

Chris Heilmann & Daniel Cranney & Tejas Kumar

WeAreDevelopers LIVE - Is AI replacing developers?, Stopping bots, AI on device & more
1:01:03

WeAreDevelopers LIVE - Is AI replacing developers?, Stopping bots, AI on device & more

Chris Heilmann & Daniel Cranney & Sebastian Gingter

WeAreDevelopers LIVE - Markdown, Liquid and Checkouts
55:37

WeAreDevelopers LIVE - Markdown, Liquid and Checkouts

Chris Heilmann, Daniel Cranney & Kumar McMillan

WeAreDevelopers LIVE: Scammer Payback with Python, Grok Goes Unhinged, The Future of Chromium and mo
1:01:44

WeAreDevelopers LIVE: Scammer Payback with Python, Grok Goes Unhinged, The Future of Chromium and mo

Dan Cranney, Chris Heilmann & Brian Rountree

WeAreDevelopers LIVE - Performance and AI?, Social Media decline, Developer Events and more
53:24

WeAreDevelopers LIVE - Performance and AI?, Social Media decline, Developer Events and more

Chris Heilmann, Daniel Cranney & Harry Roberts

WeAreDevelopers LIVE - Did AI or JS break the web?, Finding gems in the days of AI and One thing developers really need to know
1:04:22

WeAreDevelopers LIVE - Did AI or JS break the web?, Finding gems in the days of AI and One thing developers really need to know

Chris Heilmann, Daniel Cranney & Peter Cooper

Related Articles

View all articles
Chris Heilmann
Dev Digest 116 - WWWAI?
This time, learn how to un-AI Google's search results, what's new on the web, avoid a new security hole and go back to BASICS with us. News and ArticlesWhat a week. Google, Microsoft, OpenAI and many others had their big flagship events announcing th...
Dev Digest 116 - WWWAI?
Chris Heilmann
WeAreDevelopers LIVE days are changing - get ready to take part
Starting with this week's Web Dev Day edition of WeAreDevelopers LIVE Days, we changed the the way we run these online conferences. The main differences are:Shorter talks (half an hour tops)More interaction in Q&AA tips and tricks "Did you know" sect...
WeAreDevelopers LIVE days are changing - get ready to take part
Chris Heilmann
With AIs wide open - WeAreDevelopers at All Things Open 2025
Last week our VP of Developer Relations, Chris Heilmann, flew to Raleigh, North Carolina to present at All Things Open . An excellent event he had spoken at a few times in the past and this being the “Lucky 13” edition, he didn’t hesitate to come and...
With AIs wide open - WeAreDevelopers at All Things Open 2025

From learning to earning

Jobs that call for the skills explored in this talk.