OSCON Wrapup

31 Jul 2008

Another OSCON has come and gone. It was a very busy week filled with talks, work, social events, and everything in between. (Sleep is optional and not recommended.)

The OmniTI family (Message Systems included) was well represented with a number of speakers and talks:

Chris Shiflett
Experience-Driven Development: Designers and Developers Working in Harmony
Security 2.0: Emerging Trends in Web Application Security
David Gray
How I Learned to Love Revision Control
Luke Welling
PHP Taint Tool: It Ain't a Parser
Mike Hillyer
How to be Normal: A Guide for Developers
Robert Treat
Pro PostgreSQL
Theo Schlossnagle
Full-Stack Introspection Crash Course
Wez Furlong
Hot Chocolate: Creating Cocoa Apps with PHP
PDO: PHP Data Objects
PHP Extension Writing

Experience-Driven Development is a talk I gave with Jon Tan, and we explored ways designers and developers can collaborate better to create a better user experience, and thereby create a better web site. The talk was rough around the edges, but we have received a number of positive reviews so far, and it has sparked some interesting discussions. My own thoughts on the matter aren't too solidified yet, because I'm better at identifying problems than coming up with solutions. :-) The sheer volume of horrible web sites is proof that industry standard practices suck.

I had planned to give Security 2.0 for the last time at this conference, but I received more positive feedback than I think I ever have. I was very pleased to note that more than half of the audience (which was a pretty large audience in the main auditorium) was at least somewhat familiar with CSRF already. (This was a first.) Perhaps I should just refine the talk to focus less on explaining what XSS and CSRF are and more on the interesting exploits that combine them with other technologies such as Ajax and Flash.

Luke's talk was about a security tool we've been developing at OmniTI as part of our web application security practice. It's called SNAP, and we plan to open source it soon. Garrett Serack of Microsoft attended the talk and explains it in a little more detail, and I hope to post more about SNAP soon.

I dined at Mint during 3 of my 6 evenings in Portland. Delicious. :-) I also made my way to Doug Fir and Vault, both of which are popular among OSCON regulars.

I used Twitter throughout the conference, and it looks like searching for shiflett+oscon finds most of my relevant updates, if you're interested.

I hear OSCON is coming to San Francisco next year. Be there. :-)