colocated at C7 Data Centers
administered by Anavi Design
For our July meeting, Josh Fenio will present on A Web Developer’s Guide to System Security. The presentation will track the day to day aspects of a security-minded systems administrator. Topics that will be covered include intrusion prevention, intrusion detection, and recovery, along with relevant tools to accomplish each mission.
Josh Fenio is a software engineer in Northern Nevada, known as “stderr” or “dataw0lf” on the IRCs.
I’m pleased to announce the May Meeting for this Thursday, Security + PHP.
It’ll cover some of the basics of web application security, such as Cross Site Scripting (XSS), Cross Site Request Forgery (XSRF), SQL injection and some tips for their prevention and becoming more security conscious. There will be some demonstrations of all the topics with some suggested solutions. We’ll also see a demonstration of the simplistic Browser exploitation Framework (BeEF) project from bindshell.net , which presents an interesting take on potentials of XSS and XSRF within the browser.
A little about Eric:
I’ve been a programmer since I was age 12, back in the days of TI-83 graphing calculators and the lot. From there, I learned to develop through a combination of languages including Visual Basic, Delphi, and C/C++ with mostly security and personal firewall penetration testing applications that performed on the Windows platform. I learned substantially about the Windows API framework and developed most of my system level programming skillsets from this focus. I’m coming up on my senior year of my Bachelor’s degree program at Weber State University and work almost exclusively with web development technologies, such as PHP, (X)HTML, CSS, Javascript, AJAX, etc.
For the past year, I’ve worked at Code Greene, a web development company based in downtown Salt Lake City; I’ve worked on backend medium to large scale integration projects as well as custom PHP and CakePHP web frontends and sites, though my preferences are towards integration and API projects. While I know CakePHP best, I have looked at other PHP frameworks, such as Code Igniter and Zend Framework. In terms of my computer preferences, I don’t have a lot of time for gaming so a Linux distro, such as Ubuntu or Kubuntu, with some quality hardware usually suits me well. I don’t like Windows much anymore, as in the past year I have migrated all but one of my home systems to Ubuntu and only have to use Windows minimally at the university. Honestly, either way works if I can get the job done without too many runarounds, and you know…button clicks.
Eric can be followed on twitter at xtrementl (Extreme-NTL).
This Thursday’s meeting is going to be presented on SSL + Apache. It will cover SSL basics, how SSL works, how to get an SSL certificate, how to create your own certificates. The difference between self signed and certificate authorities. Building your own certificate authority. How to configure Apache with an SSL certificate. And other general SSL tips and tricks.
Lonnie Olson aka. fungus is a long time Linux/BSD administrator with a love of programming, networking, and security. Infrequent postings can be found at http://lonnieolson.com/ or on twitter @fungus.
Open Source Bridge is a new conference for developers working with open source technologies. It will take place June 17-19 in Portland, OR, with five tracks connecting people across projects, languages and experience to explore how we do our work and why we participate in open source. The conference structure is designed to provide developers with an opportunity to learn from people they might not connect with at other events.
Open Source Bridge is run entirely by volunteers who believe in the need for an open source conference that focuses on the culture of being an open source citizen, regardless of where in the stack you choose to code. All proceeds from conference registration and sponsorship go directly to the costs of the conference.
Sessions and events will share in-depth knowledge about using, creating and contributing to open source as citizens of a greater community. You’ll find relevant information whether you write web apps for the cloud, tinker with operating system internals, create hardware, run a startup, or blog about technology. They are still seeking proposals—and just extended the deadline to April 10th—so submit yours before time runs out. Some examples of our proposals so far: Brian Aker on Drizzle, a reboot of MySQL designed “for the cloudâ€?; Linux Kernel hacker Greg K-H about how Linux manages development; Ward Cunningham, inventor of the wiki, about what’s next in collaboration; Amber Case, an anthropologist living in both the physical and virtual worlds, about Cyborg Citizenship.
In addition to regular conference sessions, they are holding an unconference day for free-form sessions, and host a 24-hour dedicated “hacker lounge� at the top of the Portland Hilton. In addition to hosting the hacker lounge, the Hilton has offered Open Source Bridge attendees steeply discounted room rates, starting at $139/night.
Visit opensourcebridge.org to learn more about the conference, see our session proposals, and register to attend.
UPHPU members can get $100 off registration with a registration code obtained by contacting Victor or Wade. They have also given us one free conference pass to raffle off at our meeting on 16 April.
I just set up an @uphpu on twitter. I @thinbegin have really been loving the twitter lately and think it may be a good augmentation to the mailing list, IRC Channel and WordPress tools that are already set up and being used.
If I have stepped on anyone’s toes in doing this [setting up the UPHPU twitter user], it was unintentional. I just wanted to grab it up before some other organization out there decided that the acronym fit their needs. :) Please, if there is any stubbed toes by my actions, please email me privately and we’ll mend the wound. :)
Of course, any interested twitter users among us should feel free “follow” @uphpu. I really think it would be another great “feed” of communication.
Oh, and feel free to follow me [@thinbegin] too as I post about PHP, amongst other things, regularly. Micro-blogging FTW!!! :)
I’m pleased to announce next week’s meeting as: Fun With SQL. SQL is a strange language — strange enough that most programmers learn only enough to get by. This technique is enough for the casual hacker to land a job, but leaves much of SQL’s power underused. Given a sufficiently complex task, the same hacker will spend hours trying to write a workable query, only to end up with something that takes three days to complete, or to give up entirely and write the logic into application-side code. We’ll talk about why that’s a bad thing, and what to do about it. We’ll cover some SQL techniques most people overlook, from the simple to the advanced, and demonstrate some of the applications of these more complex queries.
eggyknap, known in meatspace as Josh Tolley, is a database administrator by day and, time permitting, a PostgreSQL hacker by night, who infrequently publishes items of occasional value at http://eggyknap.blogspot.com.
For our February meeting, Joseph Scott, Bug Exorcist for Automattic, will be presenting on WordPress APIs, XML-RPC & AtomPub.
Joseph will be presenting on WordPress APIs, XML-RPC & AtomPub. WordPress has two sets of APIs available for third party clients, XML-RPC and AtomPub. We’ll cover the background and details about both, how OAuth may fit in the future and then dive into PHP examples of how to use XML-RPC to manage your WordPress blog.
Joseph is a California native, living in Utah with his wife and two daughters. He got hooked on email when it meant dialing into a BBS with a 2400 baud modem and ended up memorizing way too much of the AT command set. Access to the Internet changed all that and going to work for an ISP cemented that shift. It also exposed to him to the world of open source, starting with FreeBSD in 1996. From there he spent a number of years in IT doing a little bit of everything.
Greets all!
It’s that time again to start up Geek Lunches for this year, and we’ve decided to kick them off by having one in Utah County! (I have been sorely chastised for not having more events in Utah County – and look to amend that this year!)
This month’s Geek Lunch is going to be at The Smokehouse Pizza and BBQ in Orem.
The event will be Feb 20 at 12:30p.
Address below:
The Smokehouse Pizza and BBQ
214 East University Parkway
Orem, Utah 84058 United States
PLEASE PLEASE RSVP @ http://upcoming.yahoo.com/event/1819312/
For our January meeting, Kevin Carter will be presenting the basics of the cakephp framework. Topics will cover cake’s MVC implementation and file/folder structure, the built in helpers, components, and behaviors that do a lot of heavy lifting for you, and using scaffolding and the code generator to prototype something fast.
I’m very pleased to announce the topic for November’s UPHPU Meeting: Streamlined Web Development using a VNC and Trac.
Starting the meeting off will be Code Greene’s Kevin Carter. Kevin, who has used Git in a production environment for several months now, will be presenting a primer on how to get started with Git. Additionally, he’ll cover the advantages of distrusted source code control and possibly some topics on using git in an svn eniroment. His blog can be found at .
Following Kevin will be are main speaker, Justin Carmony. His presentation will focus on the unique challenges with developing, deploying, & managing Website development. Justin Carmony has put together his trips, tricks, and suggestions for streamlining the development cycle. With a focus on automation, using SVN and Trac allows developers to focus on development rather than redundant tasks. Whether a small project with a single developer, or a large project with a big team, SVN and Trac in a LAMP environment can help any developer. Time permitting he will show some of his own live examples of using SVN & Trac. If you have a specific topics or questions you would like addressed in his presentation, please feel free to let him know on his blog.
Justin Carmony has worked in web development professionally for the last four years. With emphasis on PHP, .NET, and Web Services, he has worked on projects ranging from simple websites to complex communications between thousands of remote systems. He currently is working as an independent contractor & private consultant.
kornbread are discussing.
kornbread 16:15 on Wednesday, 20 May 2009 Permalink | Log in to Reply
I’ve never attended an event, but I’m interested in this one. Do I need to RSVP?
wade 16:45 on Wednesday, 20 May 2009 Permalink | Log in to Reply
RSVP is requested but not required. Contact mindjuju in IRC or send an email to admin.