About the Author

Hi, I'm Chris, a web developer and a founding member of Analog. I live and work in Brooklyn, NY.

DC PHP Conference Recap

Sun, 22 Oct 2006 at 18:38:20 GMT
9 Comments
References

This past Thursday, I attended the DC PHP Conference. Since I was only there for a day, I'm sure I missed a lot, but I did manage to do some of the things on my list.

I attended more talks than usual, including:

Although I didn't see his talk at the conference, Adam Trachtenberg visited OmniTI on Wednesday to give a talk on ext/soap at our weekly developer session.

My talk about PHP Security Testing was just after lunch, and I received a lot of positive feedback. My other talk, The Truth about XSS, was the last talk of the day, and I went over by about 15 minutes. I think this is currently my most interesting talk, and as a testament to this, the room remained packed despite the fact that free beer was available elsewhere. :-) Thanks to everyone who gave up free beer to hear my talk.

I also briefly met David Recordon, one of the guys involved with OpenID. He works at VeriSign, who offers a Personal Identity Provider. This is something Wez has been playing with recently. Hopefully he'll blog about his experiences.

Damien Seguy, who has been tracking PHP 5 adoption statistics for us, mentioned to me that he is gathering statistics from open phpinfo() pages. His statistics reveal that register_globals is enabled on about half of these. (Adam suggested that there is probably a relationship between those who enable register_globals and those who have open phpinfo() pages.) I'm eager to see these statistics published.

Laura, Damien, Adam, and I finished the day at a Chinese restaurant, where I managed to find some spicy food. Damien and Adam both speak Chinese, so I think they appreciated the chance to practice.

All in all, the conference turned out pretty well, and I'm happy to have been a part of it.

About This Post

DC PHP Conference Recap was posted on Sun, 22 Oct 2006 at 18:38:20 GMT.

9 Comments

1. Keith Casey said:

Thanks for coming and I'm glad it worked out so well. Laura puts on a pretty good presentation too. I was also happy to have a few people being opposite of your session and all. ;) I have some coverage going onto my site starting tomorrow.

Is your tutorial at Zend going to overlap with the XSS presentation?
Sun, 22 Oct 2006 at 23:47:34 GMT Link

2. Eddie Peloke said:

I had the pleasure of attending both of your talks and Laura's as well and enjoyed them both. The topics you presented are definitely something that will stick in our minds as we go back to work tomorrow.

It was also good to see that there are companies like OmniTI and others in the area instead of all on the west coast.

Mon, 23 Oct 2006 at 00:20:33 GMT Link

3. Chris Shiflett said:

David Recordon posted his slides:

http://openid.net/pres/2006_DC_PHP_Conference.pdf
Mon, 23 Oct 2006 at 04:43:27 GMT Link

4. Chris Shiflett said:

Keith, my tutorial at ZendCon is going to be more generic than either of my talks at the DC conference, because those were pretty specialized. However, my tutorial does cover XSS and CSRF, and that content should benefit from some of my recent research.

Eddie, glad you liked the talks. :-)
Mon, 23 Oct 2006 at 04:56:56 GMT Link

5. Marcel Esser said:

What was especially interesting about the talk was walking to a terminal and searching Google Code for $PHP_SELF afterwards.

People just don't learn.
Mon, 23 Oct 2006 at 16:31:54 GMT Link

6. Chris Shiflett said:

Brian Wasserman has graciously provided a recording of my talks:

http://download.starvingprogrammer....ris%20Shiflett/

I haven't listened to them, because I hate the sound of my own voice, but hopefully you won't mind. :-)

Thanks, Brian!
Tue, 24 Oct 2006 at 03:04:01 GMT Link

7. Travis Phipps said:

I've been listening to the recordings (thanks Brian!), but I can't seem to find your slides posted anywhere. Are they available for download? I'd love to have my co-worker listen to the security testing one, but I think he'll be lost without the visuals.
Wed, 25 Oct 2006 at 17:28:55 GMT Link

8. Chris Shiflett said:

Sorry about that, Travis. I'll be posting them here:

http://omniti.com/resources/talks
Wed, 25 Oct 2006 at 17:40:46 GMT Link

9. Travis Phipps said:

Sorry to keep bugging you, but it appears that the slides haven't been posted yet. Just wanted to send you a reminder.

Thanks!
Tue, 07 Nov 2006 at 15:52:01 GMT Link

liukang wrote:: I have problem with this example. In my php.ini magic_quotes_gpc is off so i'm using only addsla...; Posted in addslashes() Versus mysql_real_escape_string()
RyanTheGreat wrote:: Well, I'm not Chris, but I will do my best to address the questions raised in the comments by Ian...; Posted in Security Corner: Cross-Site Request Forgeries
Chris Shiflett wrote:: Thanks for the kind words, Simon. I'm glad you liked the tutorial. In case it's helpful, here'...; Posted in Webstock
Chris Shiflett wrote:: Hi Robin, I plan to post something about it, but it's going to be hard to express everything i...; Posted in Webstock
Simon Mahony wrote:: Hi Chris, I really enjoyed your workshop on the Evolution of Security at Webstock. I think I g...; Posted in Webstock

Browse Comments

Planet

Conversations With a Blackhat: From Robert Hansen
50 Fantastic Favicons: Episode 9: From Smashing Magazine
An introduction to cognition and culture: From Mind Hacks
Announcing Strawberry Perl Professional: From Andy Lester
Live from DrupalCamp Nashville: From Cal Evans

Explore the Planet

Fresh Links

Explore Links

Main Menu

About the Author

DC PHP Conference Recap

About This Post