About the Author

Chris Shiflett

Hi, I'm Chris, a web developer and a founding member of Analog. I live and work in Brooklyn, NY.


OSCON Wrapup

Another OSCON has come and gone. It was a very busy week filled with talks, work, social events, and everything in between. (Sleep is optional and not recommended.)

The OmniTI family (Message Systems included) was well represented with a number of speakers and talks:

Chris Shiflett
  • Experience-Driven Development: Designers and Developers Working in Harmony
  • Security 2.0: Emerging Trends in Web Application Security
David Gray
  • How I Learned to Love Revision Control
Luke Welling
  • PHP Taint Tool: It Ain't a Parser
Mike Hillyer
  • How to be Normal: A Guide for Developers
Robert Treat
  • Pro PostgreSQL
Theo Schlossnagle
  • Full-Stack Introspection Crash Course
Wez Furlong
  • Hot Chocolate: Creating Cocoa Apps with PHP
  • PDO: PHP Data Objects
  • PHP Extension Writing

Experience-Driven Development is a talk I gave with Jon Tan, and we explored ways designers and developers can collaborate better to create a better user experience, and thereby create a better web site. The talk was rough around the edges, but we have received a number of positive reviews so far, and it has sparked some interesting discussions. My own thoughts on the matter aren't too solidified yet, because I'm better at identifying problems than coming up with solutions. :-) The sheer volume of horrible web sites is proof that industry standard practices suck.

I had planned to give Security 2.0 for the last time at this conference, but I received more positive feedback than I think I ever have. I was very pleased to note that more than half of the audience (which was a pretty large audience in the main auditorium) was at least somewhat familiar with CSRF already. (This was a first.) Perhaps I should just refine the talk to focus less on explaining what XSS and CSRF are and more on the interesting exploits that combine them with other technologies such as Ajax and Flash.

Luke's talk was about a security tool we've been developing at OmniTI as part of our web application security practice. It's called SNAP, and we plan to open source it soon. Garrett Serack of Microsoft attended the talk and explains it in a little more detail, and I hope to post more about SNAP soon.

I dined at Mint during 3 of my 6 evenings in Portland. Delicious. :-) I also made my way to Doug Fir and Vault, both of which are popular among OSCON regulars.

I used Twitter throughout the conference, and it looks like searching for shiflett+oscon finds most of my relevant updates, if you're interested.

I hear OSCON is coming to San Francisco next year. Be there. :-)

About This Post

OSCON Wrapup was posted on Thu, 31 Jul 2008 at 21:56:04 GMT.

4 Comments

1. Sean Coates said:

You just posted this so your last entries didn't scroll into oblivion, didn't you? (-: (Aug 1st today, and all)

S

Fri, 01 Aug 2008 at 05:09:05 GMT


2. Chris Shiflett said:

Yeah, and so that the navigation here didn't have any gaps:

http://shiflett.org/blog

I need to blog more. :-)

Fri, 01 Aug 2008 at 14:15:20 GMT


3. Jan said:

Heya Chris,

it was nice finally meeting you in person.

Cheers

Jan

--

Sun, 03 Aug 2008 at 11:47:22 GMT


4. Jon Tan said:

It was great to be there, meet so many good people, and soak in the atmosphere (sometimes literally). Mint was a highlight! Next time out of the blocks I have a feeling our talk might prompt a few more discussions, especially given the very useful feedback from people. Thanks for hosting me Chris, I appreciate it.

Wed, 06 Aug 2008 at 13:52:07 GMT

