Planet Chris
Posts from colleagues and friends from today, yesterday, and the day before.
Today (Fri, 25 Jul 2008)
HttpFox
Stoyan Stefanov
HTTPFox is an interesting Firefox extension for monitoring HTTP traffic, obviously inspired by the IE-only commercial HttpWatch. HTTPFox shows some stuff that is missing from Firebug's Net Panel, such as requests for favicons and such. There's also a little search box that lets you filter the list of components. Pretty cool too is the ability to select and copy the list of components. Funny, today I played with a little export feature in the Net Panel, logged here, demo here. ...
Slides: PHP / Cocoa / Objective-C
Wez Furlong
Here are the slides from my Cocoa talk: Hot Chocolate: You got cocoa in my PHP...
OSCON day 2: Prophet, your path out of the cloud
O'Reilly Radar
Some of you may know Jesse Vincent as the guy who hands out snarky t-shirts like last year's "My free software runs your business" shirt. But today I got to see Jesse's more serious side when I attended his "Prophet, your path out of the cloud" presentation. He started his session by outlining why cloud computing may not be the best idea and then went on to talk about his new distributed database called Prophet. Since I've been pondering hosting MusicBrainz' web services at EC2, I found...
Yesterday (Thu, 24 Jul 2008)
OSCON 2008: Slides
Ben Ramsey
Here are my slides for the memcached presentation I gave at OSCON this year. I experimented with a new slide template, which turned out for the worst, since the contrast of the type on the screen was very poor, making it difficult for attendees to read. I apologize for this. In addition, I was completely distracted during my entire talk by loud music coming from the room next door. Nevertheless, the majority of my audience was still around even after I ran 5-10 minutes over schedule, eating...
Finished Presenting at OSCON
Mike Hillyer
My Normalization session seemed to go well enough. Video is online at: http://www.mikehillyer.com/video/oscon_2008.html.
beyond rest
Joshua Schachter
Rabble and Kellan's presentation, "Beyond REST? Building data services with XMPP" is both a great idea as well as a good introduction to coping with the massive amounts of traffic that large systems have to service. A publish/subscribe architecture is natural to other problem domains such as instant messaging and financial data systems (Tibco, Reuters, and so on). Similarly, Brad Fitzpatrick implemented something similar as a never-ending Atom feed a few years ago for Livejournal (sans XMPP, w...
Twitter Following List Deleted - Ground Hog Day?
John Andrews
It’s time to go back and re-execute the last 12-24 hours of your social relationships, so that they can be re-captured by Twitter. It seems Twitter lost a whole bunch of data, and reset people’s “following” lists to zero. Jason Goldman responds to a whiner thread here, admitting that they had to restore user data from a 12 hour old cache and things are still not right. Here’s a quiz for the Social Media addicts: 1. What percentage of Twitter users who have had thei...
Where Drizzle fits in for me
Brian Moon
So, most of you have heard about Drizzle by now. For those that have not, you can check out many, many blog posts or the Launchpad page. The thread on Slashdot about Drizzle was quite negative. Most misunderstand what Drizzle is about. SQLite is not a good solution when you have 100 web servers. Let me describe how I would use it and maybe that will help some understand it. When it comes to MySQL use, dealnews has two very different use cases. The first is an enterprise storage ...
It's feature freeze time for PHP 5.3
Chris Jones
Lukas Smith has stepped in to help Johannes Schlüter close down the PHP 5.3 release cycle. The volume of commits has recently increased in anticipation of today's feature freeze deadline. I expect the Alpha release time frame will also see high activity. Eventually, increased tightening of criteria for patch acceptance will bring us to Beta and then Production releases. Lukas says "We are hoping to have a stable release of PHP 5.3 out by between mid September and mid October." A...
OSCON day 1: An Open Source Project Called "Failure:" Community Antipatterns to Know and Avoid
O'Reilly Radar
The second session of the day that really appealed to me was "An Open Source Project Called "Failure:" Community Antipatterns to Know and Avoid". When I saw that Ben and Fitz of Subversion fame were joined by other open source heavyweights, I was sold on this panel. In this panel each member presented one anti-pattern in open source projects, where an anti-pattern is a negative pattern that projects should aim to avoid. Chromatic started off by talking about blocking patterns, where a bl...
Announcing the Open Web Foundation
O'Reilly Radar
Today at OSCON, we'd like to announce the creation of the Open Web Foundation, an organization that will help the creation and acceptance of Open Web. As the web grows there is an increasing need for interoperability between sites. As Tim recently wrote: I believe that we're collectively working on an Internet Operating System, and that it will ultimately look more like Unix than it looks like Windows. That is, it will be an aggregate of best of breed tools produced by an army of indep...
Ease out transitions
Louis-Philippe Huberdeau
Most software design out there is a matter of personal taste. There are very few widely agreed upon rules. It happened to all of us. You get to read a particularly bad piece of code and think it requires a complete rewrite. In most cases, it wouldn’t be hard to get people to agree with you. Rewriting would make everything more beautiful and allow easier modification. However, it has a terrible cost. It will always take longer than you expected. Bad code has this ability to hide featur...
Cyber-this, cyber-that
Eric Sproul
Ed Felten's latest post on his "Freedom to Tinker" blog, entitled What's the Cyber in Cyber-Security?, looks at the roots of the prefix "cyber" that has become ubiquitous in the public mind. I love finding out the origins of terms that we all take for granted and about which we don't usually think in depth. Thanks, Ed.
OSCON 2008 — Day 01 Sessions
New York Times
While all the other "nytimers" are running around having interesting discussions, I thought I'd do a quick blog post. Yesterday's OSCON sessions were great overall, but there were a couple that really stood out for me. Beyond REST? Building Data Services with XMPP PubSub: Evan "Rabble" Henshaw-Plath (independent) and Kellan Elliott-McCrea (Flickr) have essentially hijacked XMPP in order [...]
Private Investigator or Forensics Expert
Robert Hansen
What do I have in common with Magnum PI? What does id have in common with Dog the Bounty Hunter? Well in the state of Texas we all need PI licenses. That’s right, if you want to help anyone recover from an incident, investigate computer theft, or engage in any sort of investigation relating to computers whatsoever, you need to become a private investigator in Texas. We can chalk this up to lawyers legislating something they completely fail to understand. Firstly, I highly doubt ...
Pwnie Award Nominee
Petko Petkov
Yesterday a friend of mine let me know that some of my BT Home Hub security research (details here and here) got nominated for the Pwnie Awards. At first I thought “oh, that’s cool”, but then I learned the category my research had been nominated to: Most Overhyped Bug. At first I had kind of mixed feelings whether or not I should be happy about it, but to be honest, there is nothing negative about their comments: GNUCITIZEN and pagvac initiated a media blitz over this v...
OSCON2008 Presentation
Theo Schlossnagle
Hello from OSCON. I gave my full-stack introspection crash course talk today. It has been quite a while since I've presented anything in a 40 minute format, but I think the talk went quite well. I got a lot of positive feedback. I decided to take a risky approach inspired by dtrace.conf(08) by demonstrating dtrace on a live, mission-critical system we run at OmniTI. The risks of this are: network connections flake out, dtrace doesn't work correctly or I do something stupid and caus...
OSCON day 1: Beyond REST? Building Data Services with XMPP PubSub
O'Reilly Radar
It's good to be back in Portland for my favorite geek convention: O'Reilly's Open Source Conference. The overcast sky in Portland is making it a little easier this year to focus on the plethora of excellent speakers and sessions. The first session to really grip and speak to me was Rabble and Kellan's "Beyond REST? Building Data Services with XMPP PubSub" presentation. They started out their presentation stating that they were not "Jabber Heads", but that they were in the business of ...
The Day Before (Wed, 23 Jul 2008)
On Source Code Review
Sylvan von Stuppe
First of all, Jeremiah Grossman's periodic Web Application Professional's Survey is online - so go take it. That being said, I've kept quite silent on the value of static source code analysis for awhile now because I'm pretty sure what the reaction will be, but one of the questions on the survey was regarding which measures to application security go first. There have been several places where static analysis has gotten dissed, where it might not be necessary. Most notably of which, I t...
Programmer commutes to work on bike! with tips
Jim Plush
So I've started biking to work 4-5 days a week for numerous reasons. It's actually been great and I was compiling a list of the benefits I've seen so far. I'm lucky enough to have showers at the office I can use so that helps out a lot! Biking to work stats: 6 miles each way; 38.28 lbs carbon per day reduced from the air by not driving; 585 calories per day; 1.97 gallons of gas each day saved ($180 a month saved!); $15 a month insurance discount for limited vehicle usage. So all in all I'm...
What happened to the MightySeek Podcast?
Dan Kuykendall
It's very simple. I have been very very busy. I know it's a lame excuse, but it is true. I also started doing these as very long form and with the Hands on Series especially, it became a rather involved effort. I have re-organized my schedule in the last several weeks and am on course to start recording at least every two weeks. These will be generally shorter, but will be very focused on a topic and just jump right into content. Keep watching!
WordPress 2.6 and next version of podPress
Dan Kuykendall
I know, I know. WordPress 2.6 really broke podPress support. I am working on a new version of podPress to deal with this, it's in testing on my dev site and I hope to have it out by the end of the coming weekend. Here is a temp fix that may work for you. In your wp-config.php file add this line: define('WP_POST_REVISIONS', 0); The way WordPress now stores revisions of changes (nice feature) ends up causing podPress settings to get out of sync with the latest post content. There are...
OSCON 2008: SNAP - PHP Taint Tool
Luke Welling
Here are the slides for my talk today at OSCON. Keep the disclaimer at the start at the front of your mind. This tool is fragile and not ready to be called alpha quality. It is definitely not ready to be useful on large programs. We will release it under an OSI license … soon. SNAP Presentation (PDF) ...
Certified Schizophrenic
Robert Treat
The other night I was having dinner with a bunch of folks, and I think it was Jacob Kaplan-Moss (Django dude and Postgres user) who noted that the Postgres community's governance model was this crazy mix of distributed peer-to-peer style chaos, that on its surface wouldn't seem functional, but somehow seems to work really well for our project (my paraphrazation). It's hard to argue. We don't have a one true leader, and we don't have a corporate master. In fact, we're so multi-faceted, ...
A new gig and a gag
Nigel James
For a while back there I was “out of work” which means my company was short of a client to invoice. Not the best situation. Long story short is that I have remedied that predicament and it all worked out very well given the current economic climate etc etc. I have been meaning to blog a little about recruiting 2.0 or recruiters or that sort of thing as we all have a love hate relationship with that. We need recruiters to find people but they can, on occasion, be annoying. I te...
Professional Soldier
Petko Petkov
I would like to draw a simple analogy between professional soldiers and professional penetration testers. I find a lot in common between them and I believe that this exercise may help some members of the audience to clarify their understandings regarding our industry. We will drill into several categories where both professions will be compared to each other: Skills: Both professional soldiers and penetration testers have a professional set of skills which were built over years of experi...
Defining The Open Web
Joe Walker
Brad asked what the 'Open Web' is. Twice. My mum was always cross if she had to ask 3 times, so here's my stab. The Open Web is the user-remixable technologies that are shipped by the clear majority of major browsers. So, for example: XHTML 2.0 is not part of the open web because the browsers didn't go for it even though the W3C did. XMLHttpRequest is part of the open web even though the W3C haven't gone for it (yet) because it's in all the browsers. Canvas is part of the open ...
My online footprint lately
Stoyan Stefanov
This is a sort of a catch-up post for listing what I've been up to lately. YUI Blog just published my first article, I'm so proud. It's about loading JavaScript in non-blocking fashion, because JavaScripts, they, you know, like, block downloads. Luckily, there's an easy fix - DOM includes, which I've previously discussed, discussed and discussed. SitePoint published an update to my older article that introduces AJAX, ok, Ajax, by creating a command-line-like interface with PHP on the server...
Changes to Computer Misuse Act will turn security professionals into criminals
Ivan Ristic
ComputerWeekly has just published my opinion on the forthcoming changes to the Computer Misuse Act (CMA). From the article: The most recent changes to the Computer Misuse Act will give power to prosecute those who help or enable others to commit computer crime. While I am very supportive of this addition, I am also in great fear of this change and its consequences - the amendments are so vaguely worded that they will instantly turn security researchers into criminals once they come into for...
Free receipt with every non-purchase
Brian Shire
Getting something like this really takes the fun out of installing “free” apps. WTF is Apple thinking? ...
Perl on App Engine?
O'Reilly Radar
I am a Perl hacker. I have written parts of the core, created CPAN modules and written tons of perl code. In fact I am addicted to it; or rather, CPAN. I have been wanting to play around with Google App Engine, but I haven't had time to get up to speed in Python. Today at OSCON I met up with Brad Fitzpatrick, who told me he had permission from Google to talk about and work on a Perl on App Engine project. He makes it clear that, I'm happy to announce that the Google App Engine team has g...
Blogroll
Adam Trachtenberg
Andi Gutmans
Andrei Zmievski
Andrew van der Stock
Anna Filina
Anurag Agarwal
Ask Bjørn Hansen
Barry Austin
Ben Ramsey
Billy Rios
Brian DeShong
Brian Moon
Brian Shire
Cal Evans
Chris Cornutt
Chris Jones
Chris Shiflett
Christian Matthies
Christian Stocker
Clay Loveless
Dagfinn Reiersøl
Dan Kuykendall
Dan Scott
Daniel Krook
Dave Child
Davey Shafik
David Coallier
David Sklar
Dennis Pallett
Derick Rethans
Don MacAskill
Douglas Clifton
Ed Finkler
Eli White
Elizabeth Naramore
Elizabeth Smith
Eric Sproul
Gareth Heyes
Geoff Young
George Schlossnagle
Greg Beaver
Heiko Webers
Ilia Alshanetsky
Ivan Ristic
Ivo Jansch
James Duncan
James McGlinn
Jason Sweat
Jay Pipes
Jeff Loiselle
Jeff Moore
Jeremiah Grossman
Jeremy Zawodny
Jim Plush
Joe Walker
John Andrews
John Lim
John Schulz
Jon Tan
Joshua Eichorn
Joshua Schachter
Joyce Park
Julien Couvreur
Justine Sanderson
Ken Guest
Laura Thomson
Ligaya Turmelle
Lorna Jane Mitchell
Louis-Philippe Huberdeau
Lucas Nealan
Luke Welling
Maggie Nelson
Marc Andreessen
Marco Tabini
Marcus Börger
Marcus Whitney
Matt Biddulph
Matthew O'Phinney
Matthew Turland
Michael Kimsal
Michael Radwin
Mike Hillyer
Mike Lively
Mike Naberezny
Mike Willbanks
Mitch Pirtle
ModSecurity Blog
Monty Widenius
Natalie Downe
Nate Abele
New York Times
Nigel James
Nitesh Dhanjani
Nola Stowe
O'Reilly Radar
OWASP Blogs
Patrick Reilly
Paul Jones
Paul Reinheimer
Petko Petkov
Philip Olson
Philippe Chiasson
Pádraic Brady
Rasmus Lerdorf
Rich Bowen
Richard Davey
Richard Lynch
Rob Allen
Rob Richards
Robert Hansen
Robert Lemos
Robert Treat
Ronald van den Heetkamp
Ross Howard
Ryan Cartner
Sara Golemon
Sean Coates
Sebastian Bergmann
Shane Caraveo
Shawn Lauriat
Shreeraj Shah
Sid Karunaratne
Simon Willison
Stefan Koopmanschap
Stoyan Stefanov
Stuart Herbert
Sven Vetsch
Sylvan von Stuppe
Terry Chay
Theo Schlossnagle
Tim Van Wassenhove
Tobias Schlitt
Vidyut Luther
Wez Furlong
William Candillon
Wolfgang Drews
Zak Greant
Zeev Suraski
Zend Blog



