Tony Bibbs » Technology

Changing the Default Browser for Adobe Air Apps under Ubuntu

Tony — Thu, 25 Mar 2010 21:26:46 +0000

I use TweekDeck as my Twitter client and recently I had to rebuild my Ubuntu Linux desktop which meant trying to remember all the “tweaks” I had to make. One of these is the annoying fact that TweetDeck tries to use some deprecated Gnome environment variable to determine the default browser (clearly not many of the Adobe developers use Ubuntu much). Anyway, the “fix” is a derivative of this solution. The only difference is I used the path to the Google Chrome binary (that’s my default) to symlink /usr/local/bin/browser to. Also, my Air installation had libCore.so in a different place so I did a combination “updatedb” and “locate libCore.so” from a terminal. From there I edited it and replaced the firefox with ‘browser’. Note that the line number I found it on (and the one in the article above) are unreliable so search for ‘openUrl’ and the next field should be the one you need to change. Leave a comment if this helps you…it helps me stay motivated to even bother posting tips like this.

Getting Flash Sound to work under Google Chrome and Ubuntu 9.10

Tony — Fri, 19 Mar 2010 18:56:32 +0000

I’ve been increasingly frustrated by Google Chrome’s ability to play Flash minus sound. I don’t know what Flash plugin they are using but, luckily, the fix is easy. I just:
#>mkdir /opt/google/chrome/plugins
#>sudo cp /opt/Adobe\AIR/Versions/1.0/Resources/libflashplayer.so .

You’l notice I’m using the AIR version but my guess is you could use the one bundled with any other browser (e.g. Opera, Firefox). Just run:
locate libflashplayer.so
…and go from there.

Comparing Propel and Doctrine

Tony — Thu, 11 Feb 2010 20:40:18 +0000

I’ve recently decided to make the switch to Doctrine as the ORM of choice for any new PHP projects we work on. I didn’t make this decision lightly as, until now, I have been a long time user and advocate of Propel having given talks on it at PHP conferences and even a webinar or two. So why the change? That’s really not significant, what is significant is I think I can give a very quick punchlist of things about each that other PHP’er might find useful when evaluating them for themselves.

Propel

Pros – First, let’s be clear I’m not talking about the pros of using an ORM. I’m talking about the good things that this ORM implementation brings to the table. Those are:

Hydration Speed – You can argue you should never retrieve hydrated PHP objects from query if you don’t plan on taking some sort of save or delete action on it. Yes, that’s true from a performance standpoint, however, if you are building a site where performance simply isn’t a concern then you’ll be pleased to know Propel can hydrate a set of objects quickly enough to be used in building a view (i.e. a data grid of some sort).
Classic Getters/Setters – You get these methods stubbed out in the base classes that Propel generates and you can override them easily. I should note Doctrine can do similar sorts of things but not in a conventional way.
Support – The Propel mailing lists and IRC channel on freenode are pretty active, thought, not near as active as Doctrine’s.

Cons

Dependency hell – Propel has improved this but it’s still not perfect. Back in the early days, before PDO, you needed Propel’s generator, Phing and Creole. Now you just need the generator and Phing. Phing is very much like Java’s Ant build tool. While I understand and get why they use Phing, it adds a layer of complexity that makes it a barrier to new users. Propel’s generator isn’t as bad as it is just a set of Phing targets to do Propel’s bidding. If you come from .NET or Java using Phing won’t be a big deal but if you aren’t familiar with Ant or nAnt then Phing will come with a learning curve.
Criteria – Propel’s way to help ensure portable queries are built is via their Criteria object. While I get the need for it, not having a explicit way to run native SQL short of getting a PDO connection and doing all the work that way is a short coming. In fact, I despise Criteria so much I never use it, mainly because it doesn’t take too much work to hit a situation that Criteria either can’t handle well or make the code so complicated it’s not worth it.
No 5.3 namespace support – Let’s face it, we are all tired of Really_Long_Class_Names ala PEAR, Zend Framework, et. al.
Community – This is probably hard to blame on any one person but for a long time no work was done on Propel. There was a change in project leads which took a long time and the development efforts took a while to get going. I’m happy to say the team is active again, but a lot of ground was lost during the downtime.

Doctrine

Pros

No other dependencies. Doing builds is easy as creating a simple PHP command line file and running it. No Phing, no other external property files.
Magic finders – I love this. Say you have a user table with a user_name field that has a unique index on it. Retrieving this is as simple as
```
Doctrine::getTable('User')->findOneByUserName('janedoe');
```
. Propel would require a few more lines setting up a Criteria object and running it.
Named Queries – This is something I pitched to the Propel development team quite a long time ago that always got a luke warm reception from the community. I ended up implementing my own named query implementation which worked well enough that I never used Criteria. With Doctrine you just get it out of the box:
```
$this->addNamedQuery(
    'someQueryName',
    \Doctrine_Query::create()
        ->select('*')
        ->from('User u')
        ->where(user_name = ? AND 'password = ?')
);
```
Now I’m not totally in love with that syntax, it’s not much better than Criteria, honestly, however I go through that pain once and then I can just say:
```
$user = \Doctrine::getTable('User')->find('someQueryName', array('janedoe',SHA1($password)));
```
It’s also worth noting you can also use named queries to issue raw SQL, though, it will only return the raw recordset. Some of you are probably asking WTF? Named Queries? Read up on them, decide for yourself if they are for you…all I can say is after having used an implementation for years I’m sold on it (maybe that can be a future blog post).
Documentation – Their documentation is top-notch. Only improvement that is needed is comment support to the manuals.
Community – Let’s face it. Doctrine has gained some traction and all you need to do is follow the mailing lists, IRC and other community resources to see they simply get it. Their partnership with Zend Framework is a shining example of good strides in this area.

Cons

Hydration Override – This one had me scratching my head the first time I noticed it. By default, if you fetch an object by the same primary key twice you don’t get two different copies, you get a pointer to the most recent version. On the surface that makes sense but there are a number of reasons I don’t like this as the default setting. Luckily you can turn this off through a configuration setting when you initialize Doctrine.
Hydration Speed – This is my biggest complaints with Doctrine. If you run a query that pulls a parent/child relationship (i.e. a customer and their orders) this take a lot of time with Doctrine’s hydration method. The complexity is the circular references you can get. I don’t know why Propel handles this so much better but the impact is you can’t use Doctrine’s hydrated objects in you views. The way around this, I’ll call the Doctrine Way, is to have them hydrated as arrays. You still get the parent’s children, you just aren’t working with a native PHP object. When you think about it, it make sense, though I still prefer having a choice. The performance hit you take, even on simple queries, makes the array hydration mandatory if you are pulling more than one or two records from the database.
No 5.3 namespace support – It too doesn’t support namespaces yet.

This isn’t meant to be a comprehensive review of either system, rather, a punchlist of noteable things. I don’t feel this blog post is near comprehensive enough to base your decision on, rather, it can be used in addition to your findings. I’d love to hear the other pros and cons from either camps.

Moving On

Tony — Wed, 16 Dec 2009 14:38:10 +0000

My guess is this will largely go un-noticed but I felt a formal blog post was in order for announcing my decision to stop contributing to AptitudeCMS and Geeklog.

I owe quite a bit to Geeklog…after installing Linux and PHP for the first time over 12 years ago I ran across Geeklog, learned a thing or two about open source development and started Iowa Outdoors (which I’ve since sold). Not long after that I was fortunate enough to serve as the project lead for Geeklog before handing it off to the current lead, Dirk Haun. Back then, there weren’t many viable options in the now overcrowded PHP CMS market. Sadly, I’ve watched Geeklog’s popularity slowly decline to its current state. That said, I have a few constructive things to say to the Geeklog community and the PHP community at large.

First to the Geeklog community. You’ve run into rough times. WordPress, Joomla, Drupal and company really are the champions in this space. Without doing more digging than I care to, I know Geeklog is far behind in any of the hard metrics that really matter (code commits, # of active developers, etc). Just a hint of proof is had by comparing Geeklog’s Ohloh stats with this, this and this. Then there those things you can’t quite quantify, the passion of the community and the level of innovation happening. Right now I feel the Geeklog community is pretty stagnant. Some of this is likely to be blamed on the fork of Geeklog (whose Ohloh stats don’t speak well either). Fact is if you combine both glFusion and Geeklog’s numbers together it still paints a pretty bad picture. You could argue they don’t need to aspire to be like WordPress, Joomla and Drupal which is fine but what I think has gotten lost in all of this nobody has consciously said if that’s the game they want to play and, if not, what differentiates Geeklog from the rest? In the meantime, the set of features added over the past year or two suggest, in fact, they are playing catch-up to some of the features found in those other systems. That’s not bad, but my point is Geeklog seems to lack a tangible goal. I guess that is part of the nature of open source…the perpetual, organic, itching of scratches but I still feel open source projects need to have long term visions far beyond the next commit, next point release and even next major release. With that said here’s some suggestions for Geeklog’s community in no particular order:

Change your name – I attempted to address this with AptitudeCMS and failed but something has to be done. I’m not sure if there is a precedent for a name change in a well established open source project but it has to happen for Geeklog. To me it is branding 101. For anybody outside of a blogger or hobbyist, it’s hard to take the Geeklog brand seriously. Pointy haired managers scoff at such a name (I’ve seen it). Sure you risk confusing or alienating people but I feel Geeklog, as a brand, is hard to sell. That said, even without a name change the remaining points are crucial.
Change your image – The Geeklog homepage screams mid-1990′s era design. It’s the first impression we give users. Even if you don’t want to compete directly with the bigger kids on the block, you can’t argue that Joomla, WordPress and even the Geeklog fork looks better. It’s the first impression a user gets. I think improving the Geeklog homepage will lead to more interest. Once captivated, I have now doubt the codebase speaks for itself but, for now, the Geeklog homepage is forgettable for new users.
Get social – Geeklog is no where to be found on Twitter, Facebook, etc. The missed opportunities here are, frankly, staggering. The PHP community (as well as Drupal, Joomla, etc) all have a strong presence in these areas and I have no doubt the Geeklog community could benefit by joining the conversation.
Blog – Let’s face it, there isn’t much in the way of active Geeklog developers. The ones there really need to blog about what’s going on behind the scenes. What are you working on? What’s a challenge you are facing? Any good commits lately? This in part gets back to the goal setting discussion but it is more todo with giving the community a glimpse of what is going on.
Find a partner – Ok, this is probably one of the more controversial points and one that is often dodged in open source discussions but behind nearly all successful open source projects is an organization. Sometimes it is not-for-profits but many times it is a private company or two. Right now there isn’t a single Geeklog developer paid to work full time or even half-time on the core of the system. Geeklog’s current codebase, in my opinion, has to be worth that investment. I think part of the problem here has to do with the name, image and branding issues I brought up. That said, I know of a lot of organizations making selfish use of Geeklog without giving anything back. No bugs, no code, no testing, no translations nada. Zilch. Now before the hardcore OSS supporters flame me, I’m not suggesting the project be effectively run by a company or an organization, rather, there should be enough of a community still where they can contribute developer hours to the project. I believe strongly the project itself needs to remain organic able to change with the needs of those who lead…but that some investment by industry is needed. Who will stand up?

Now to the PHP community at large. As I look at AptitudeCMS, I see a body of work that started before there were any other PHP frameworks around. I started with an MVC implementation. I incorporated a simple template engine. Later added an ORM. Much of this happened over many employers and well before anybody uttered Zend Framework for the first time. AptitudeCMS as a project is a failure in large part because it was never really released as a “formal” project until well after current PHP framework space became cluttered. Fine, it is what it is. However, to see this stuff rot and be used only when I have a new project come up seems silly. I’m pleading, for my own sanity, don’t let this code go to waste. Feel free to dissect it, borrow anything you find useful and laugh at any bad code you dig up. Some areas of focus:

MVCnPHP – It’s a viable alternative to Zend Framework’s MVC implementation. It’s small, configureless and doesn’t present file contention issues common with ZF controllers. I’m sure a Zender can point out ways around this but most ZF projects I’ve seen have all the logic in the controller which seems really wrong to me and is a bit painful when you have multiple developers working in the same controller. Sure SVN, etc can handle the merge but you end up with a lot of merges. MVCnPHP is much more atomic, view logic goes in a simple, small view class. Command logic goes in a similar command class. The controller is only responsible for routing requests between views and commands. An upside to this is MVCnPHP also has basic support for tainted variables. For the unaware, it’s a simple feature that notifies developers with exceptions when an unsanitized GET or POST variable is used.
Filtering – I built a filter class on top of Zend Framework that can easily be added to MVCnPHP views and commands. Without much work it could also be incorporated into Zend Framework MVC implementations. Look first here then see the “cool code” in the Filter class which is nothing more than a class that passes calls thru to Zend’s library and then the abstract view that uses it. I doubt the code will tickle you as is but I think conceptually it has merit for someone out there.
ORM->Form and Form->ORM – Because we use Propel we were able to dream up a way where we could hand a view an object and have it pre-fill from that object without us having to explicitly set the form field values. Similarly, in our commands we found a handy way of creating the same ORM objects from the submitted form without having to explicitly map and set the ORM object’s values. This was a huge time saver. I think with a little work this code could be modified for Doctrine. Here’s how we map a form submission to a set of object(s) and here is mapping a object to the form

One thing I want to warn the community at large about is I’m seeing what feels to me like a trend in PHP to conform. You could argue that this very blog post is me, in a way admitting defeat and conforming, but I want to state the obvious that you always have a choice. It seems like many people are choosing to use part of a framework they have already installed instead of challenging whether or not it is the best tool for the job. Just because a filter class is included in Zend Framework doesn’t mean you have to use it. Just because ezComponents has a workflow component doesn’t mean you must employ it. Fact is AptitudeCMS includes Zend Framework, has some PEAR libraries and even some things like MVCnPHP. You can argue bloat, file sizes, which is valid but I’m confident you can still cherry pick the best parts of a framework to give you something you can work with long term. I’ve used Flexy instead of Smarty, MVCnPHP instead of Zend Framework and Propel instead of Doctrine. Some could see those as one bad decision after another but it’s simply the result of a cherry picking exercise I did long ago. Today I’d likely make different decisions but I can tell you I wouldn’t put all my eggs in one basket. Nor should you.

This blog entry, a self admission to failure, hopefully didn’t upset anybody along the way. To be clear I’m the only one who failed here. Maybe “fail” is too harsh a word as I’m quite happy to make this transition but I want to be clear to Dirk Haun, the Geeklog Project and those of you whom I’ve brushed IDE’s with are all people I very much respect. I hate “losing” and this feels like a loss and will always feel that way. If anybody makes use of any of these suggestions please pass that along in an email to me. It will take a bit of the sting off.

Stop Follow Friday Insanity

Tony — Fri, 29 May 2009 06:00:25 +0000

I hate this phenomenon on Twitter called Follow Friday (referred to via the #ff and #followfriday hashtags). Get ready for a big dose of hater-ade because I’ve endured this crap for the past few Friday’s, filling up my Twitter stream and it’s gone beyond the point of ridiculous. So why am I hatin’?

Conceptually Follow Friday is cool. It’s a day to try and expand your Twitter network by taking recommendations from your followers on other people worth following. Simple enough. But the whole damn thing is missing the target. That said, here’s my Follow Friday *censormode*-list:

My first gripe with Follow Friday is some people will recommend far too many people. Some people even have multiple tweets giving a half dozen or more suggestions. Seriously, you can’t give this whole thing a bit more thought and recommend just a few worthwhile suggestions?
All you get in a Follow Friday tweet is the Twitter username. Follow Friday tweets don’t bother telling me why someone is being suggested. That is sort of pointless because now I have to dig into their Twitter timeline and fine out if they are truly follow-worthy which is an exercise in futility especially if you are guilty of the first bullet.
Why Friday? Sure, Follow Friday sounds cute but aren’t people follow-worthy the other six days fo the week?
Oh, and my biggest *censormode* about the whole Follow Friday phenomenon is the follow-up tweet where the person being recommended in a Follow Friday tweet thanks the person who suggested them. No, the thought is fine but make it a direct message and don’t further clog my Friday timeline even more Follow Friday crap

Ok, so I’ve got that off my chest. Now let’s go a step further and turn this into constructive criticism by suggesting better ways you can implement Follow Friday:

Limit the number of suggestions you make. Give that limited number of suggestions some thought.
Give a reason your followers should follow the person you are recommending someone. Consider going a step further by writing up a short blog entry why someone should be followed. This has added benefits of not being lost on search.twitter.com after a few weeks) and it acts as a place your followers can go to get more recommendations by you.
Try making recommendations on days other than Friday. Sure, then you can’t call it Follow Friday anymore but I think your followers will appreciate getting one recommendation a few days per week than a dozen all at once all without a stated reason

Ok, I know all this probably came off negative and I know there are a lot of Friday Follow lovers out there. Keep doing what you do, but please, consider taking some of this advice to make it more meaningful to all your followers.

MVCnPHP v0.3.0 Released

Tony — Mon, 06 Apr 2009 14:09:04 +0000

Two weeks ago MVCnPHP v0.3.0 was released into the wild. This update really addresses only two things:

CSRF Protection – If your views use the built in support for Flexy (via the class BaseViewFlexy) then your forms will automatically have a Cross Site Request Forgery token added to the form as a hidden field along with having two cookies set to check the validity of that CSRF token. The CSRF support is enabled by default which means all MVCnPHP commands that extend BaseCommand will automatically check the token for you.
We’ve added the use of the __DIR__ magic PHP variable in the requirement statements. Opcode caches, particularly APC optimize better when require’s are used with absolute paths.

As always we encourage you to download and install MVCnPHP. For faster notification on MVCnPHP news and releases be sure to follow AptenoLC on Twitter

Webinar on Propel sponsored by php|architect

Tony — Tue, 24 Mar 2009 07:33:35 +0000

This is just a friendly reminder that this Friday, March 27th from 12pm-1pm CST I will be giving a webinar on using Propel, an object relational mapper (ORM). This webinar is just one of a series being sponsored by php|architect. The webinar will focus on the basics of installing and using Propel as well as one or two more advanced topics. If you are interested why not register now!

MVCnPHP

Tony — Fri, 13 Mar 2009 06:19:51 +0000

I will start this blog entry by saying I like Zend Framework. I really do. However, the part of ZF I don’t use is the MVC implementation. No, it’s not bad. Actually it’s a good implementation that is the product of a lot of hard work by Zenders and non-Zenders alike. I use bits and pieces of ZF in my PHP projects and, admittedly, Zend’s MVC implementation never made the cut. Why?

I started using my first MVC implementation, Phrame, back around 2002 long before ZF. I was quickly turned off by Phrame’s Stuts-ish familiarity (no, I don’t hate on Struts either). The crux of my problem was the need to edit a bunch of files just to implement one page in my web application. So started MVCnPHP. That need to itch a scratch produced an MVC implementation that made it’s way into my 9-to-5. Over the next 7 years or so I did attempt to release MVCnPHP into the wild but never really polished it off. Today I’m happy to announce that has changed.

Before I get into MVCnPHP let me circle back around to ZF. Why didn’t I adopt it’s MVC implementation when it was released? I considered it but the issue simply came down to my biased view of the design differences. In fact, I was motivated to release MVCnPHP because of a project I recently inherited that uses the Zend MVC implementation. The biggest difference between the ZF MVC implementation and MVCnPHP is MVCnPHP is meant to allow you to isolate views and commands into their own files and simply drop them into a directory then having your controller immediately aware of them. I admit this quality of MVCnPHP isn’t unique in the world of MVC implementations but this whole experience motivated me to really start working on polishing the code and documenting how to use it. Today I’m happy to announce my first release of those efforts.

So to cut the fluff, here’s a few things to get you started on MVCnPHP:

I know learning a new MVC implementation may appear time so to help you evaluate it you can see it in action with this sample application that not only excersizes most the features of MVCnPHP, it gives you quick access to the code behind the scenes.
After that why not download MVCnPHP. We have versions that support PHP 5.2.x and well as a release that support PHP 5.3 namespaces.
Once installed all you need to do use read the MVCnPHP User Guide. The guide is still a work in progress but it does cover most of what you need to get started.

I can barely contain my personal excitement for getting this out. MVCnPHP represents a library that brings the benefits of a model-view-controller implementation in a package that is small, yet packed full of features with no limits for being extended. I hope you all agree.

The Pragmatic Side of Twitter

Tony — Wed, 25 Feb 2009 10:33:19 +0000

It never fails. Once in a while (today being one of them) I get questions from friends about Twitter an why they should use it. I use to point them to one of my blog posts on the subject. That might be enough to get people to sign up but many still don’t get it. Truth be told, Twitter is ironically hard to describe in just 140 characters so maybe instead of trying to focus so much on the social aspects of the site I should simply give clear examples of good things that have happened since I joined Twitter.

Most recently a reciprocal follower @sweatje posted this: “Have some part time telecomuting PHP/Data Modeling work for a client I am unable to take on. Message me if you are interested.” A few weeks later I was tabbed to take on this part time work for the client he mentioned. Now over a month into it I can add that not only is the opportunity fun, but the client is great to work with.

A customer of mine informed me her husband was laid off from Principal Financial Group (http://www.principal.com). I suggested that he join Twitter as I knew there were a few local recruiters on the site. Just over a month ago I learned that that same person got a job through @sfedd’s company via an introduction I made to them both on Twitter.

@CalEvans announced he was leaving Zend as the Editor of DevZone and community evangelist. Over a series of months I was offered the job to replace him. It didn’t pan out but without Twitter the opportunity would have never found me, a software guy tucked away in Urbandale, Iowa. In a bit of a twist, I blogged about the events then posted it to Twitter and eventually this all made it’s way to @EliW who is now working hard at that post for Zend.

I love my family and my job. However they are competing influences. I’ve met great people like @markwarnke who emphasis the need for balance (I haven’t taken his ONO thing hook-line-and-sinker but the guy is a must-follow) and not too long ago my wife, @kbibbs, joined Twitter along with my dad, @mdbibbs and his love interest @TeresaBrent. For me that means I get regular updates on my kids, what my wife is doing, how my retired father is enjoying himself and what he and @TeresaBrent are up to. I get all that as it happens…not by waiting to make long overdue phone calls to my dad or getting middle of the day phone calls from my wife.

Now toss in the typical uses of Twitter, meeting new people, sharing thoughts with people with like interests, answering questions from people in need and then you really begin to see the power of it as a medium. I’d love to hear how others have used Twitter to make a difference in their own lives and the lives of others.

PHP 5.2, Mac OS X Leopard and Oracle

Tony — Fri, 16 Jan 2009 10:30:58 +0000

I wanted to give a heads-up to all the PHP, Mac and Oracle fans that I just had an article published on the Oracle Technology Network (OTN). It’s been in the works for months but has only just recently been published. I have to give Christopher Jones a lot of credit for being patient wtih me. The end result was an article that was fairly easy to write but was a bit of a pain. What you see in the final version is how to setup PHP, Apache and the Oracle Instant Client on a Macbook running Leopard. The most unfortunate part of all this is I was unable to get all the moving parts working on stock version of Apache. Instead I had to roll with a version of Apache I compiled from source. For those of you interested in using Oracle the article walks you through the installation process pretty well. It should also be noted I did confirm the same instructions worked flawlessly using the last PHP 5.3 alpha release. To the skilled people in the PHP Community, if someone does figure out how to get this working with the stock version of Apache I would love to hear how you did it because that’d be ideal for most of us Mac users. Comments aren’t possible on the OTN version so feel free to add comments here.

Will the Real Government IT Community Please Stand Up?

Tony — Tue, 02 Dec 2008 11:51:42 +0000

Before any of what I am about to say can make any sense first know that the motivation for all this comes in light of a decision I’ve recently made to continue on in government a bit longer. Secondly, before I can begin to answer the question posed in the title of the blog entry let’s first define what I mean by community. Here are a few definitions I dug up:

Group of people sharing a common understanding who reveal themselves by using the same language, manners, tradition and law.Wictionary.org

A specific group of people, often living in a defined geographic area, who share a common culture, values, and norms and who are arranged in a social structure according to relationships the community has developed over a period of timecdc.gov.

So if I had to craft my own definition of a community it’d be more of a list of requirements:

A group of people who share a common culture
A group of people who willing participate in building relationships in the community
An unselfish group collaborating to achieve a common set of goals

You don’t have to search too hard for great examples of communities. Examples I can name are Iowa Outdoors, a community I founded that is dedicated to hunting and fishing in Iowa. There is also the PHP community…for those not in the know PHP is a popular programming language for building websites (including this blog). In fact, open source software such as PHP are some of the best online communities (Apache, Ubuntu, etc).

Notably missing from that list is anything catering to government technology workers. Google doesn’t seem to reveal anything. Probing IRC for related channels gave the same. If there were a segment of people who could benefit most from our community it is government. So why doesn’t one exist? I think major reason is cultural.Government culture is very much top-down which stands in contrast stark contrast to the successful communities I participate in which are all grassroots efforts. Need a great example of that? Take the now defunct Government Open Code Consortium (site is still up but clearly not in use). While the notion of the group was admirable, one of the reasons it failed the community they were trying to cater to didn’t exist yet. Couple that with the fact that single goal of sharing source code involves all sorts of very frustrating hurdles (government lawyers, contracts, etc). It was simply too much to bite off.

Another cultural hurdle is that most online communities use things like instant messaging, IRC and a bunch of social networks like Twitter and Facebook….things that are often blocked by most web filters deployed by many government entities. Why? I believe that public perception is that all those things are simply time drains and while they certainly can be just that, the benefits that can be reaped from these communities far outweighs the abuse of that privilege by a few government workers.

I can only speak for state government where I’ve dedicated the past 6+ years of my life by saying that the problems that face state agencies are usually not unique within that state. More so, you can rest assured that when you add in other states all tasked with similar responsibilities you know there are a number of initiatives to solve problems all happening in their individual silos. Lumping in the federal government only exasperates the problem. All that collective knowledge working independent of one another without collaboration only to guarantee government will keep its perception of being inefficient and rigid. That has to change. The Government IT culture has to change.

Fortunately I’ve been put in a situation where I can actually try to address this lack of community by focusing first here on Iowa where I guess we have in the neighborhood of 150 developers and likely three times that when you include the other IT disciplines (networking, infrastructure, security, data management, etc). That’s just state government. Now lump in all the cities and counties in Iowa . Then toss in the other 49 states with their counties and cities. Finish it all off by adding the federal government to the mix and I think you begin to feel the potential that community can has.

By focusing on the community and building relationships across the boundaries the top-down style government puts in place it will eventually become an entity of it’s own and it is only when that community fits our earlier definition that we can begin to do really creative things like sharing knowledge, source code and resources (people, hardware, etc). I hope you’ll follow me on this trek and that you recruit people you know in government IT to participate and be a part of something exciting. After all, without the people there is no community.

Video from Ignite Des Moines

Tony — Mon, 17 Nov 2008 15:30:04 +0000

This just in! So you’ve maybe seen the slides from my Ignite Des Moines talk. Thought that sucked? Now you get the video where I give the talk while drinking!

Click To Play

Nerd Herding

Tony — Fri, 07 Nov 2008 08:00:52 +0000

Last night I had a great time giving my talk on Nerd Herding at Ignite Des Moines. For those that missed the event it is the place to network with the tech/web scene in the Des Moines metro. Free food, free beer and great talks were given. For those that missed it, below is the talk I gave. I hope to have the recorded footage of my actual talk (and the other talk given) in the near future so check back.

Nerd Herding

View SlideShare presentation or Upload your own. (tags: job career)

Five Minutes of Fame (Literally)

Tony — Tue, 28 Oct 2008 10:38:41 +0000

I’ve been recently selected to give a talk at next week’s Ignite Des Moines event. I stumbled across the event via a series of posts on Twitter and my submission on “Nerd Herding” was accepted. Now, to be fair, I first saw that phrase “Nerd Herding” somewhere on Cal Evan’s Blog and thought it would be a timely topic as I’ve been recently in both sets of shoes as the “employer” and then “job seeker” (more on that over the coming weeks). I’ve lived in Des Moines my entire professional life and have learned a lot on what I look for in potential employers. The Des Moines metro has no shortage of boring employers (sad but true). On the flip side I truly believe Des Moines tech market is undervalued in large part because many of the talented geeks don’t know how to market themselves as industry experts.

My first goal for the talk is simple…using entertainment as the analogy, how can employers become agents who “discover” up and coming stars (i.e. alpha geeks). I believe the best jobs are ones that are discovered, not applied for. My second goal and, frankly, what made the event intriguing is how to communicate all that on 20 slides shown for only 15 seconds each. For the mathematically challenged that’s 5 minutes of fame.

In all seriousness I hope to see some of you there. If you aren’t interested in listening to my hot air there will be other great speakers and you will witness the egg catapult contest and announcements of the 2008 Iowa Web Award winners.

Web Security Demo

Tony — Fri, 10 Oct 2008 14:58:58 +0000

Yesterday, on an invitation from our Information Security Office (ISO), I had the pleasure of giving a talk on about injection flaws, Cross Site Scripting (CSS) and Cross Site Request Forgeries (CSRF). That talk had a surprisingly large turnout and crowd participation was good. Anyway, I took my old talk on CSRF and expanded it to include a very simple PHP script (roughly 60 lines of code) that had 2 SQL injection flaws, 2 XSS flaws and a CSRF flaw to boot. I demo’d the flaws (sample input included) and I provided another script that shows some of the fixes you can make to sure it. I’ve made the slides you see below along with my sample code and the MySQL database available in this ZIP file. For anybody with a working PHP/MySQL setup it would take seconds to stand up and you have something you can play with to see how you can take my simple hacks and turn them into something more serious. Please add a comment below if you find any problems or have any questions.

Web Security Overview and Demo

View SlideShare presentation or Upload your own. (tags: xss sql)