BSides Cape Town 2025

Knock knock. Race Condition. Who's there?
2025-12-06, Track 1

Race conditions are everywhere - so why haven't you seen one, and how bad are they really?
From cheating computer games, to flaws in big automation platforms, local privilege escalations, and stealing millions from web apps... even a look at a problem with birthdays, and how to freeze time!


Race conditions are everywhere, but most developers don't seem able to spot (or prevent) them. They're a type of logic bug where timing matters, and they lead to unintended consequences or effects that attackers often exploit. They're easy to overlook, tricky to fix, and can be devastating.

The goal of this talk is to change the way you see code and systems, and to help you identify race conditions yourself. Once you "get it" you'll start seeing race conditions everywhere.

This talk is largely inspired by a work colleague who got frustrated by me regularly pointing out race conditions, and who's now gone on to excitedly identify them himself... and by how even multi-million dollar "cyber security" platforms we've used make these same mistakes.

There should be something for everyone to learn, whether a junior developer, penetration tester, or seasoned cyber security professional, with a dash of probability theory thrown in, some leading HTTP research by James Kettle (aka "albinowax"), and a look at games for a bit of fun.

Hacker, coder, gamer