Performant web sites are critical for your user’s experience. No doubt about that. But keeping our users’ information private and secure is similarly critical to maintain their trust in the web platform and keep them around. Those two requirements are somewhat at odds.
There are many cases where performance optimizations ended up creating security or privacy holes. There are also many cases where privacy and security restrictions introduce significant performance overhead, or prevent us from getting access to performance-critical information in the wild.
In this talk, we’ll discuss different examples outlining this tension, dig deeper into them, understand the underlying principles behind the web’s security model, and hopefully agree that we need both a performant and safe web to keep our users happy.