OJ's rants

It's not about you, it's about the software

Irssi and SASL on OSX


Given my renewed focus on security I’ve been looking to lock down much of my communications so that I feel more secure online. One of the things that I use quite a lot to connect with people who know WTF they’re talking about is IRC. #freenode is my network of choice as it has a bunch of interesting places with fairly active communities. irssi is my current client of choice for a few reasons.

SASL, among other things, is one thing that can be enabled to secure your communication on IRC. There’s quite a bit of information out there already about how to enable SASL for irssi on Freenode. These instructions worked out of the box for me on Linux, but not on Mac OSX. After downloading cap_sasl.pl and putting it in ~/.irssi/scripts/autorun and installing the required Perl modules I went through the steps to get SASL configured. When I attempted to enable it as per the instructions using the command /sasl set network TheColonial <password> DH-BLOWFISH I had the following error:

Can't locate object method "send_raw_now" via package "Irssi::Irc::Server"

This took a bit of Googling to nail. It turns out that, for some reason, on Mac OSX irssi actually requires an extra package to be included in the script. So open cap_sasl.pl and look for this (it’s right at the top):

use strict;
use Irssi;

Immediately below this, add the following:

use Irssi::Irc;

The script should now run fine and irssi should stop complaining.

This might seem obvious to some, but it wasn’t to me! From what I can tell other people around the traps have had the same problem so I thought I’d post this in the hope that it helps others.

XSS Flaws via MVC Model Binding and Request.QueryString Inconsistencies


Forgive the title of the post, it was hard coming up with something succinct that captured the purpose of the post. This was inspired by a recent experience with a client who had this exact problem with one of their production systems.

TL;DR

Never use Request.QueryString to access parameters in your views, even when you’re sure your actions have validated them. You may open your application up to XSS attacks. Always, always use data that is passed to your views via the Model or the ViewData dictionary. Under no circumstances should you trust data coming in from the web, that includes query string parameters.
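To illustrate why the raw query string cannot stand in for the validated value, here is an added example (not code from the original post or from ASP.NET MVC itself). It is a console program in which `BindId` is a hypothetical, simplified stand-in for binding an `int id` action parameter, assumed to use only the first supplied value, and the request is constructed with a benign marker.

```csharp
using System;
using System.Collections.Specialized;
using System.Web; // HttpUtility.ParseQueryString returns a NameValueCollection

static class QueryStringVsModel
{
    // Stand-in for the action: bind "id" to an int. Assumption: as with a
    // simple-typed action parameter, only the first supplied value is used.
    public static int? BindId(NameValueCollection query)
    {
        string[] values = query.GetValues("id");
        if (values == null || values.Length == 0) return null;
        int id;
        return int.TryParse(values[0], out id) ? id : (int?)null;
    }

    // Vulnerable pattern: the view re-reads the raw query string and writes
    // it out unencoded. The indexer joins repeated keys with commas, so this
    // is not the value the action validated.
    public static string RenderFromQueryString(NameValueCollection query)
    {
        return "<span id=\"item\">" + query["id"] + "</span>";
    }

    // Hardened pattern: only the validated, typed value passed via the model
    // reaches the view, and it is encoded on output as well.
    public static string RenderFromModel(int id)
    {
        return "<span id=\"item\">" + HttpUtility.HtmlEncode(id.ToString()) + "</span>";
    }

    static void Main()
    {
        // Constructed request: "id" appears twice; the second copy is a benign marker.
        NameValueCollection query =
            HttpUtility.ParseQueryString("id=42&id=%3Cb%3Euntrusted%3C%2Fb%3E");

        int? id = BindId(query);
        Console.WriteLine("action sees : " + id);
        Console.WriteLine("raw view    : " + RenderFromQueryString(query));
        if (id.HasValue)
            Console.WriteLine("model view  : " + RenderFromModel(id.Value));
    }
}
```

The action-side value is the integer 42, while the raw read carries the marker markup into the page. The model-based render can only ever emit the integer.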

Stepping Down


For the past two years I’ve been heavily involved with organising two user groups in Brisbane: BFPG and BNoSQL. Those of you out there who organise your own user groups no doubt know how much is involved in keeping these things going. My focus has been on building communities around the subject matter and trying to get attendance up. It was a tough gig.

For the most part I think I succeeded in what I set out to achieve. We’ve seen a steady growth in memberships along with the usual fluctuations in attendance, but on the whole the net effect has been really positive. The development community here in Brisbane is very strong and has a lot of passionate people backing it. I think it’ll continue to grow and flourish.

During my time as an organiser I’ve had an immense amount of fun, learned a bucketload, met some amazing people and formed some great friendships. But I’ve got to a point where I think there’s nothing more I can give to the groups as an organiser.

For groups to remain successful they need many things; the key one being change.

Organisers need to change. Focus needs to change. Ideas need to change. The group needs to get a fresh face periodically to stop it from stagnating. I feel that the time has come for me to step down as organiser and get other people to step up and make their mark, take the groups past where I can take them.

I also have personal reasons for making this decision and most of them revolve around the lack of time. I won’t bore you with all the details, but for my own sanity I need a break from it. I need to step down before I burn out and lose the desire to attend in any capacity. I’ve given it all I’ve got and I hope that in some way I’ve had a positive impact on the lives of the many techies that I know and respect here in sunny Brisbane.

As of the end of this year I will no longer be a user group organiser in Brisbane. At this point I have no plans to get back involved down the track, but I won’t say “never” either. I’ll be investing time in building up my own business, spending more time with the family and generally enjoying the lack of stress put on myself twice a month.

I want to thank this technical community for its support. It’s been an absolute joy seeing people get together at the events that I’ve helped create and I look forward to being part of the crowd from here on in.

Cheers!

Meaning


Life is way too short to be working on boring, uninteresting or meaningless stuff. Get out there and do what you love. Screw working for the dollar on something that you don’t enjoy. Don’t study in a field that doesn’t inspire you just because you got the marks or because people expect you to. Don’t do what you’ve always done just because it’s easy.

Chase your passion. Love your work.

Make sure you spend every day doing something that has meaning … something you feel is important and fulfilling. Remember, you’re trading one whole day of your life for it.

Webmachine, ErlyDTL and Riak - Part 5


Newcomers to the series should first take a look at the previous four parts (Part 1, Part 2, Part 3, Part 4) to make sure they’re up to speed. Feel free to read on if you feel comfortable with the general concepts in use.

When we finished Part 4 we were able to authenticate users using Twitter and OAuth, which is great as we can delegate the responsibility of password management to an external entity.

Now that we know who people are, we want them to be able to do something meaningful with their accounts. That’s what this post is all about.

Webmachine, ErlyDTL and Riak - Part 4


For those of you who are new to the series, you may want to check out Part 1, Part 2 and Part 3 before reading this post. It will help give you some context as well as introduce you to some of the jargon and technology that I’m using. If you’ve already read them, or don’t want to, then please read on!

Upon finishing Part 3 of the series we were finally able to read data from Riak and see it appear in our web page. This was the first stage in seeing a full end-to-end web application functioning. Of course there is still a great deal to do!

Redirects With Webmachine


Webmachine is currently my favourite tool for building websites. I’ve been lucky enough to use it on a few things now, some commercially, some personally. While working on my Erlang web development series I had to handle the case where URLs redirected to other URLs. I found some basic documentation on this but wasn’t able to find a canonical example of how to do it.

After a bit of digging through blog posts and speaking to people on IRC I figured out how it was done. The goal of this post is to show how it’s done for 301 (permanent) and 307 (temporary) redirects.

My Tools List - 2012


The topic of tools is often a hot one amongst developers and every year we see an influx of blog posts where people rant and rave about which ones they love the most, and why.

Far be it from me to stay out of such a discussion!

Here is a list of the tools that I use as of the end of January 2012. Some are simply noteworthy. Others are very handy and while I would get by without them they would be missed. Some of these I simply cannot live without. I’m not going to bother with ratings. I won’t go into frameworks or the like which make their way into my code, instead I am focussing on those tools which help me do the coding and which aid me in my general computer usage.

Some of these tools are platform-specific, but many can be used across different platforms.

An Expert at 23


I was about to head to bed when I stumbled across a poorly-titled article on news.com.au. At first I thought it was going to cover off the best locations around Australia, or perhaps the world, for finding work in a variety of industries. It turned out to be a failed attempt at highlighting the key growth industry areas for jobs in Australia.

It began like this:

JOBS demanded across several booming sectors will be the best place to find work this year.

Despite the appalling structure and lack of coherence of the opening paragraph I pushed on through the rest of the article, hoping to find some interesting or useful information. Most of the content would be fairly obvious to almost every Australian. The bits that could be considered interesting were old news, and nothing in the article made me feel that reading it was a good use of time.

Reviews - They’re All You Need


I can clearly remember the first time I got involved in an Agile project – it was back in 2004, it was in London and in the finance industry (insurance to be exact). When I joined the project the team was small, though over time it became much bigger.

While on that gig I met and worked with a few of the nicest and best devs that I’ve worked with (RobG, Yoann and The Chief).

It was an exciting project. We were using XP in very much its purest sense, right from the beginning. We always paired up to do our programming, we created stories, we estimated our points using a point system that wasn’t tied to hours but instead was relative. We had mini-retrospectives, continuous integration, unit tests and more. For 2004, that was pretty good.

Since then I’ve worked on quite a few other Agile projects and over time, I have come to believe a few of the absolute purest views on Agile aren’t necessarily the best.