I don't think I've ever been quoted before. While at
ApacheCon, I went to see if there were
any free Cokes left from lunch for Casey
and I, and my quest was briefly interrupted by someone from
Linux Today who wanted to ask me a
question. I agreed, thinking she was going to ask some insightful question about
Apache, open source, or something relevant. Nope, she asked me about SCO. How
I basically expressed my lack of interest and indicated that the news from
Slashdot was about all that I knew of
SCO's actions. What ended up in
was quite a bit different. The statements attributed to me aren't necessarily
things that I disagree with (although I have no idea what four things in Linux I
could possibly be talking about), but it is weird having quotes made up and
attributed to me. I know a lot of open source developers are quoted pretty often.
Is this pretty much the way it goes?
I wonder if Tim really said the things
attributed to him in a
I never did find any Cokes. Sorry, Casey. :-)
ApacheCon is over. When trying to think of all of the people that I hung out
with or met for the first time (or both), I came up with the following list:
Casey West, and
Adam and I went to see Geoff's talk,
mod_perl 2.0 sucks; mod_perl 2.0 rocks,
on Wednesday morning. As expected, this was an excellent talk, and I found a
shortly after that declared Geoff to be a star. Of course, I already knew that.
After his talk, Geoff, Adam, and I went back to Mary's for a burger, and we all
had the Hawaiian burger (since I had been raving about it since Sunday). My talk,
PHP Attacks and Defense,
was after lunch. The room was extremely large, which had good and bad points.
More people were able to attend than when I spoke at OSCON (my talk there was
very overcrowded, which prevented a lot of people from being able to get in),
but the large room makes everything less intimate. I think the talk went pretty
well, and those who filled out the comment cards had very nice things to say.
I took a nap before going to dinner at the
courtesy of Pair Networks (thanks Casey!).
The restaurant was very nice, and it provided a great view of the city. It was
one of those revolving restaurants (and located at the very top), so we got to
see pretty much everything. One interesting thing about Las Vegas is how the
city is in the middle of the desert, and this is clearly visible from atop the
Stratosphere, because the city lights don't stretch very far in any direction.
Dinner conversation was interesting, and we talked about pretty much everything.
The dinner party consisted of Casey (the host), Nat, Geoff, Philippe, Rasmus,
and myself. Rasmus had some interesting stories about Yahoo. I was particularly
interested in the types of Web-based attacks that they have to deal with. There
are some very creative and malicious people out there with way too much time on
their hands, and Yahoo is a popular target.
Casey and I rode the Big Shot, which was the most thrilling ride I have ridden.
As you can tell from the picture, we didn't play it very cool. There are a lot
of funny captions that could go along with this picture, but "This thing is
powered by Microsoft?!?!?!" was the best thing I could think of. That would be
scary indeed. :-) As frightening as it was, I don't think it's the worst ride
there. One new ride is a mechanical arm that extends far over the edge. It is
basically a segment of track from a roller coaster, and you ride in a car that
propels toward the end of the arm at very high speeds (the arm itself also moves
up and down during this process), braking just at the brink of death. Nat
cleverly described its motion as someone trying to shake a "boogie" from their
finger. Once you've seen it, you will never ride it.
After dinner, we walked down the entire strip and all the way back to the
Alexis. Everyone was too tired to do anything else after that, so we all went
I shared a cab to the airport with Marcus, and I wrote this blog on the plane.
All in all, ApacheCon was a great experience, and I feel like I've learned a
lot as well as made some good friends. Bye bye, Las Vegas.
Today was as busy as yesterday, and I've realized that it's impossible to give an
accurate account of a day at ApacheCon. This is especially true when I try to
remember everything that happened late at night or sometime the following day.
I spent much of the day hacking and was able to meet and hang out with more people -
and Casey are the people whose faces (and
names) come to mind. Nat was speaking opposite
Rasmus at some PHP versus Perl (versus Java,
but who cares about Java?) talk at Comdex. Casey and I took the shuttle over there
to listen in, but we discovered that it would cost $1600.00 to watch the talk. That
idea was quickly canned.
I went to dinner with Sams. Others in the party were Geoff, Stas, John,
Shelley (an editor at Sams - the host),
and a few other people. After dinner, we all headed to a bar to hang out but got
separated in the process. Several of us walked over to the Luxor, and Geoff and
I watched a haunted house movie on IMAX, which was very cool (it was in 3D).
Tomorrow is my talk (already available
here, with all examples
disabled, because they demonstrate security vulnerabilities), so I plan to go
over my slides, and possibly do some last minute tweaking, before I get some
I met up with Nat and went to see
Adam's talk on XML in PHP 5. I
then spent much of the afternoon with Nat, Adam,
John, and a few other PHP and
I went to dinner with O'Reilly and spoke a lot with
Stas about his work with mod_perl.
I also met Rael.
Geoff, Stas, and I walked to the strip and watched the fountain show,
visited the Venetian
(which has recreated Venice indoors - very cool), saw a volcano erupting at
the Mirage, and saw the pirate ships at Treasure Island. We didn't get to
see the pirate show, but maybe another night.
My flight left JFK at 8:00 AM. That was not cool, but at least everything was on time.
After arriving in Las Vegas, I met up with Geoff
to go grab a burger and met one of his coworkers and
Casey in the process. It was also the best burger I've
ever eaten, so I expect to return there at least once this week.
I took a much needed nap after lunch. Adam
got in a couple of hours later, and we had dinner at Lucky's in the Hard Rock Hotel and
Casino (on Geoff's recommendation).
Tomorrow is the first day of sessions. I plan to go see Adam's XML talk, but that's the
extent of my plans.
For all of the security-conscious PHP professionals who are starving for information, help is on the way. I'm pleased to announce my latest writing project, the PHP Security Handbook to be published by O'Reilly and Associates.
There are many steps to securing a Web application, including the security of the network, the Web server, and other related software. This book will focus on application security - the topics that are of concern to those who actually write the code.
And, mod_perl rocks. :-)
Thus was the lesson taught by Geoff in his wonderful presentation given to NY.pm last night.
He was specifically speaking about mod_perl 2.0, and the approach was very nice. The presentation began with a detailed step-by-step account of his first experiences with 2.0, including the problems he ran into and the steps he took to resolve those problems. This was the most refreshing thing about the sucks/rocks approach, in my opinion. Not only were the solutions to these problems given, but Geoff explained the approaches he took to find those solutions (rather than only explaining the steps involved in the solutions themselves). If everyone could do this, it sure would be a neat thing. I think too many people are concerned with wanting everyone to think that it all comes easily or naturally. The truth is that some things are just not intuitive, and even the things that are to some people, aren't for others.
At dinner, many topics were discussed, including PHP (which made me feel somewhat like a foreign diplomat), Perl, mod_perl, ApacheCon, OSCON, books, publishers, and even a lot of non-technical topics.
The really interesting thing about mod_perl, especially 2.0, is that the focus is in exposing Apache's C API in Perl. This grants a lot of power and flexibility to the developer. After seeing some of Geoff's examples, I am more motivated than ever to research PHP's apache_hooks SAPI, which has a similar goal. I am sure that George would appreciate having a bit more community interest in the project, and certainly there are some advanced PHP developers that could make good use of such a thing.
Though they're not there yet, I assume the slides for Geoff's talk will appear here. If not, you can try these, which are probably exactly the same, or you can come see Geoff (and me) at ApacheCon.