Paul Reinheimer (Jun 12, 2009)
Talk at Dutch PHP Conference 2009 (English - US)
Consider "Easy" problems in web applications, like login forms. On the surface, terribly simple: slap some escaping functions on a query and you're done! Well, not quite. What about brute force login attempts? Locking accounts? Captchas!
This talk will examine a few of those easy problems, how hard they really are, and present specific solutions and methodologies.
Quicklink: http://joind.in/578
Jun 12, 2009, 10:03 by mwesten
The talk was nice; not as deep as it could be in 60 mins; however seeing Paul speaking is always nice.
Jun 12, 2009, 19:07 by Dynom
I definitely expected a little more from this talk, but the humor really gave it some credits.
Jun 12, 2009, 20:24 by ianb
Very smooth professional speaking, could have been longer but it looks like the speaker was expecting more questions during. I enjoyed!
Jun 13, 2009, 08:08 by jach
Very nice talk. Interesting topic and presented very nicely. Looking forward to his next talk.
Jun 13, 2009, 09:45 by joe
Interesting problems analysed by someone who is, err, really near the heat. Could have been so much more interesting, the depth of the problem space was only revealed during the Q&A session afterwards.
Jun 13, 2009, 21:35 by danielito
More a course for a school class than for professional PHP developers. No wonder that the magic was over after 30 minutes. Poor.
Jun 14, 2009, 03:47 by Anonymous
Lots of interesting points, could have been longer.
Jun 14, 2009, 13:45 by drm
Way too shallow, and sorry Paul, the kitten thing is getting really old...
Jun 14, 2009, 21:18 by Anonymous
Longer next time, please.
Jun 15, 2009, 16:35 by lornajane
Predictably, I liked the kittens :) Some of the issues around account locking and identification were nicely done - would have liked to have seen an hour of this level of content.
Jun 15, 2009, 18:46 by akrabat
I found the section about handling account login issues very interesting and it's an area that I now intend to improve in my code. More detail about detecting what attacks are happening would be appreciated too.
Jun 15, 2009, 22:32 by Pelle
Did not cover new things for me, I'm sorry. And agree with drm about the kittens.
Jun 16, 2009, 06:33 by Anonymous
Just did some highly questionable comments on UI design solutions, like converting a login and a password to two passwords for example, which makes absolutely no sense. Quit after 30', not a minute too early.
Jun 16, 2009, 09:25 by Anonymous
Nothing learned, short and uninteresting talk :( sorry Paul, it's the talk I am rating here, not you.
Jun 12, 2009, 09:57 by Conor
30 minutes in a 60 minute slot? Dragging out the audience questions to reach 40 minutes. Very poor! The presentation was not only too short but also too shallow. A disappointment.