Back to top

Rain Skirt - The Intelligent Alternative to Rain Pants

Colorado is not known as a rainy place, but in the spring and summer months we do get our fair share of downpours -- especially in the mountains. This past spring my good friend Libby and her man Reid took off to Central America. But before they went, they were kind enough to hook me up with a great a-line rain skirt!

The Rain Skirt Story - at least as I know it

A while ago Libby made herself a rain skirt. The idea was simple - skirts are so useful and keep cool even on hot days. When you're wearing a cute skirt, how do you make sure that it stays dry? Why not combine her favorite piece of clothing with some protective goodness and a lot of time at a sewing machine trying out different designs to come up with the ultimate wet weather wearable? So, she did. Libby's rain skirt made her extremely happy and led to lots of envious looks from friends who had uncomfrotable rain pants or drenched legs when their long jacket failed to protect them fully. So, Libby started thinking about making them for other folks.

The Rain Skirt Evolution

Libby has thought a lot about the best way to bring Rain Skirts to the masses. She knows that she needs them to be professional, that's for certain. So, she started exploring vendors that make outdoor apparel and found a great company that creates lots of items for some of the big brands. They went back and forth with ideas for designs - both to make them more functional and more fashionable.

Rain Skitrs are Born

People Involved: 
timeline: 
Location: 

linux screen cheat sheet

Let's say that you are running a command on a linux shell and it's taking a long time. Further, you need to disconnect your session to get on the bus or your session gets disconnected because your net connection is flakey.

Screen to the rescue

Imagine if you could just disconnect from your shell session and then reconnect. Well, you can :)

People Involved: 
timeline: 

denver postgresql training

I recently attended a training that Kevin Kempter hosted. It was a really great two night session aimed at experienced DBAs/Developers so that they could learn PostgreSQL. Kevin has a lot of experience with postgres and wanted to help share that experience with other folks. He's finding a growing need for PgSQL developers in the Denver area and wants to build up a user group and network here so that companies deciding whether to use PostgreSQL or not will see an available local talent pool here in Colorado.

People Involved: 
timeline: 
Location: 

RFC - Security Bounties in Open Source

The other day I broached the idea of a security bounty in the Drupal project. I had first heard about this concept from the Mozilla Foundation's Security Bug Bounty which appears to be the most famous of these.

Why Security Bug Bounty's are a good idea

This is pretty simple:

  1. It provides at least some motivation for folks to actually look at the code and find security bugs making the software more secure.
  2. More folks looking at the code is always a good thing.
  3. Just the concept and the existence of the program reminds people that we take security seriously, and informs them of the proper way to report a bug.
  4. In the case of the Drupal Association - which can't make decisions about the code based about the statutes (en pdf) (more formats/languages).

Generalized Security Bug Bounty System

This concept seems to me like it could be generalized for any software project. Here are the rules I came up with, based upon the Mozilla foundation's rules.

<

ul>

  • Security bug must be original and previously unreported.
  • Security bug must be a remote exploit.
  • Security bug is present in the most recent version of the Mozilla Suite, Firefox, and/or Thunderbird, as released by the Mozilla Foundation.
  • Security bugs in or caused by additional 3rd-party software (e.g. Java, plugins, extensions) are excluded from the Bug Bounty program.
  • Submitter must not be the author of the buggy code nor otherwise involved in its contribution to the project (such as by providing check-in reviews).
  • Employees of the project (if applicable) are ineligible.
  • If multiple people report the bug the reward will be split among them equally.
  • People Involved: 
    timeline: 

    Pathauto Development Update - And a Call to Use Tokens

    I feel very happy today and I think you should feel happy too. Pathauto is a great module that has served millions of visitors to thousands of sites very well over the years. But Pathauto, along with all of Drupal, is getting a little bit better!

    Enter Token Module

    At the very end of 2006 Jeff Eaton started work on a token module which took the pattern logic out of Pathauto into its own module (and extended it a bit further). All those little strings of text like [title] and [cat] and [user] which Pathauto uses were all placed into a separate API. This provides two great benefits - first, it makes them available to other modules such as the custom breadcrumb, autonodetitle and other modules. Second, I instantly recognized the personal benefits from this decision because the token parsing part of Pathauto was the source of most of the bugs. I thought that if I outsourced the patterns I'd also outsource the bugfixing! In the end I'm now a co-maintainer of the token.module providing some bug fixes, features, design reviews for the module. At least I have a partner in crime on the issue and at least the work can benefit all of Drupal instead of just Pathauto users.

    Call to module developers

    This call is two fold:

    First, to modules that implement pathauto hooks: now's the time to start implementing the token hooks. This will open up your module to interaction with a much broader set of modules and is a much better long term solution than the Pathauto hooks. To learn more about token or discuss it's use, join the tokens group on groups.drupal.org.

    Category: 
    People Involved: 
    timeline: 

    Privacy in the Digital Age - Up a Clickstream Without a Paddle

    So, privacy. That's kinda an important thing right now. As we go around the internets we leave all sorts of information about ourselves online. That information is valuable. No, I mean really valuable. Even if you don't submit your personal information (like name, or address) to a website you are still leaving providing private information just by visiting a site. Don't believe me? Look at this press release from hitwise about real estate. Notice anything? Like how visits to real estate sites are a leading indicator of home purchasing behavior. Yeah, your visits to sites, or "clickstream" is a predictor of what you think about and what you are planning to do. Looking for a house - you visit a real estate site. Looking for a new job - you visit a job site. Looking for...you get it. Your clickstream is a mirror of you - even without personal information associated with it.

    Big Evil Google

    What is the company that concerns you most when it comes to privacy? It's GOOGLE right? Man, their search is so good. Their search is good and their information awareness is so strong and not only do they have my clickstream (cause I only find sites through their site and they know what I click) now they also have my email, spreadsheets & text documents, blog, photos, credit cards & address - shoot, they have everything too. Organized. Segmented. Cross referenced. Searchable. Um, yikes.

    Privacy of your clickstream

    Category: 
    People Involved: 
    timeline: 

    Pages

    Subscribe to Knaddison.com RSS