Notes from OSCON 2007

Tools

Notes from OSCON 2007

Today was the first official day of the conference, though lots of folks came early for the tutorials on Monday and Tuesday. Everything I’ve attended has at least been mildly interesting, and in some cases truly inspiring. Here are some important ideas that I wrote down but haven’t quite digested:

“Diagnosis has weak process.” – Theo Schlossnagle on the fluid nature of troubleshooting. The flip side is that the solution must have exact process. Like I said, not quite digested.

“Given the hurricane, where is the butterfly?” – Leventhal’s Conundrum. Where indeed.

Write the code you want to use, then create the classes to support it. This is a neat twist for me, I will definitely give it a whirl. I extracted this from Sam Minne√©’s talk on the framework behind SilverStripe.

“The web is broken we can all go home now.” – Rasmus Lerdorf. He’s serious too, except the part about going home. He actually means “get to work!” Cross-site scripting (XSS) is a huge problem, and once you fix that you still need to address the rampant cross-site request forgery (XSRF) vulnerabilities that are prevalent on the web. Add to that the constant stream of security holes in Flash, Acrobat, and any other software that pokes holes in your browser. Rasmus’ final advice? “Don’t click on links.”

Comments are closed on this post