Older blog entries for ErikLevy (starting at number 189)

I noticed mascot's comment about tttt now 'forging' other people's accounts. It is pretty clear that Advogato is not meant to be the most securely designed site on the Web, but instead a test of a concept of raph's.

The real question is, is this particular 'hole' easily fixed in an environment that is not meant to be secure? Looking (very briefly) it seems a bit of adjustment might be all that is needed, but it really matters how the Advogato system handles cookie information, and login information during the /acct/certify.html page generation.

And of course, a brute force attack could always be one way to get into an account. However, a brute force attack can be countered various ways, so that would be of only limited access potential.

All in all, most people probably don't feel like there is so much here that needs protecting but it is strange when you lose your innocence how what seems not important suddenly becomes so.

There is change a brewing.

26 Jun 2002 (updated 26 Jun 2002 at 20:50 UTC) »

I am way too busy. The company is redesigning (ahem, I'm leading the redesigning of) its network security architecture and authentication system. This is good because we are gaining more control over what gets through the network but unfortunately it coincides with the company's products that I lead development and sales of having a huge sales increase and thus pulling me in two pieces.

There are also so many other pressures at the moment that it seems like the day just doesn't end. I know this phase will pass but it is unlikely for it to get less busy versus actually just increasing more for various reasons.

P.S. raph something is wrong with the logout code. When using IE 5.5 (which is patched), it sometimes logs me out and sometimes doesn't. It may be IE specific but it may not be...I wonder if any other users have this problem?

Thanks to everyone who congratulated me on my engagement. I feel very lucky to have found someone who understands my particular quirks and even thinks they are a positive quality. (Note: It is totally fine to laugh at oneself in public as long as they realize you are trying to be funny ...)

On to other things (because my life is revolving enough around the marriage ceremony that I don't need to clog this space with it too)!

I had an interesting conversation with someone about infrastructure development and the fact that it isn't easy to do well and too many people think they know how to do it than the IQ curves allow. Seriously, major companies are having problems with this area and open source is playing an important part in the overall development. As it always has. I didn't say it was an easy way to make a living though.

Till later.

Word from the kingdom tells the tale that I am now engaged. It seems the story rings true.

In other words, I'm getting hitched boys and girls.

Things have been busy at work. Thus, I have felt like I have had little time to update my diary here.

All in all, everything is going fine. I have both been learning some new techniques through research and working hard to finish an in-house application and get ready for featuritis to start on some of our e-business applications.

I'm digital, babe

Do you feel the heat on your face? That's the speeding electrons coming at you through your view screen. Thanks to that device, you can read my thoughts of the public moment.

Work has been going well. After speedy development, a slow down when the heavy stuff hit and then a pick up as the pieces fell into place, I am in a better place psychologically for finishing this large application.

I still think there is another week left but that's about it. I also think some other projects are just around the bend, which will be pleasant enough.

I wonder how difficult it is to migrate to the Apache 2.0 server module framework...I have heard that the speed up will not be that significant for popular UNIX based platforms. But without any empirical testing done, I will have to wait and see.

Spring is almost here. Now can you figure out my geographic location from that?

The application project is coming along well. Just adding in the last pieces that the users will need for most operations. Then the secondary features will be built in. Once all the above are completed, a demonstration to all involved will be commenced and any additional features or adjustments will occur.

Hopefully I will get this baby off my hands in the next two weeks. Then we have a rigorous testing period and then hopefully another product will be out in the land of users.

While this product is for in-house use only, it has a significant impact on the e-business infrastructure here at this company. The external and internal become the same thing in a new package in the world of digital.

Went away on a mini-vacation, that was definitely nice.

I have been writing code at both the low level bits and bytes level and the higher level 'object' level. It's extremely important to understand when one approach, say memory management of the heap versus GC is the best trade off for a given project. How many times have I heard, "I don't like GC because it is slow" or "Why would I want to bother managing memory when I need this to work now."

The truth is that, like the projects that many of us have to deal with, trade offs always exist and being closed minded is going to hurt you rather than help you many times.

Since software is by definition flexible, projects always evolve and the most difficult aspect can be just to predict where a project is going to lead.

Unfortunately, as the US stock market shows, we humans are not necessarily very good at predicting.

Lets see, revenue is up several times more than expected at the company, I have about 60 items on my to-do list at work, and I feel a bit 'energized ' for some reason today.

All in all, I'm in a great mood. Things are coming together quite well indeed.

180 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!