ColdFusion Muse

Podcast: The Security Pyramid Part IV - Securing Your Code

This is the fourth and final episode in the series, "the security pyramid". This entry covers the topic of "Personal Health", securing your application code. We cover cross-site scripting, SQL injection attacks and a number of other topics. This podcast is nearly half an hour long. The examples I talk about in the podcast are covered in the original post. Posts from the other 4 parts of the series are listed below. Thanks for listening!




Security Pyramid Podcast - Part III (The Neighborhood)

This is the third in a series of 4 podcasts (I know, it was supposed to be 3) on the subject of "the security pyramid". This one covers the topic of "the neighborhood" where your application lives. The topic covers security issues related to your server configuration, ColdFusion, and integration with external resources. All of the material covered in the podcasts is also covered in the 5 posts listed below, although the podcasts often include items that are not in the posts. Click on Part III below for the written version of this particular podcast. Thanks for listening!




Security Pyramid Podcast - Part II

This is the second of 3 podcasts on the subject of "the security pyramid". This one covers the topic of "internal network policy". All of the material covered in the podcasts is also covered in the 5 posts listed below, although the podcasts often include items that are not in the posts. Thanks for listening!




Security Pyramid Podcast - Part I

This podcast covers the first 2 sections of my recent series on the security pyramid, the introduction and the border patrol. The podcasts often include items that are not in the posts. Thanks for listening!


Becoming a Better Troubleshooter

Every week I seem to find myself dealing with intractable bugs or performance issues for CF Webtools' customers. Last week, for example, I found myself troubleshooting a JVM for a CF 7 customer, a Database performance issue, a JMS issue and a persistent memory leak in a COM object. That's a pretty typical week for me.

I like troubleshooting and debugging. I suppose it's the Sherlock Holmes in me that likes to pore over minute details looking for clues and possibilities. I think a good troubleshooter has that quality in his nature - the thirst for knowledge and the desire for intellectual growth. I would say that's one of my strengths. That is not to say you can't be a good troubleshooter without those skills, but it helps if you really enjoy uncharted territory.


Radder Rad With Cfquery and Cut and Paste

When I first heard of RAD my immediate thought was the wonderful folks of Virginia and the Cumberland Gap - where I met my wife (a nurse from Minnesota, what are the odds). In the blue green mountains of Appalachia, everyone knows about Rad. It's the opposite of Blue. If you mix a little yeller into it you get arnge. When I started studying IT and technology, it didn't take me long to learn that RAD stood for "Rapid Application Development". Now if you've been using ColdFusion for any length of time you will know that "RAD" is a word often used to describe the usability and accessibility of the language. Here's one reason why....


How to Build a Website in 4 Hours (without Elves)

If it hasn't happened to you already it will happen eventually. Someday soon, someone is going to ask for your help building a web site pro-bono. Now, I think this is a very good idea. If you are a member of a Church, a Scout leader, a band booster or involved in any other worthwhile cause that's long on commitment and short on funds, you should dedicate a part of your skills to helping them leverage the web. The problem is usually time. If you are like me you may have trouble coming up with enough time to build a web site "for free" - at least not the 30 or 40 hours you feel such an effort deserves. Not to worry... I'm here to tell you that with a couple of simple choices you can build an excellent web site in around 4 hours. What?? You don't believe me?


A Life Worth Living - New Years 2006

Like many people I pursue my career with enthusiasm. I'm proud of the small business I own and the fact that I employ a few hard-working people and I'm able to bless them with finances. I'm proud of my income. It makes me feel better somehow about myself - what I do. Some elements of my identity are wrapped up in my role as a developer and technologist. This is the seductive call of status. You can say it's wealth or power or advancement - but these are all synonyms for status. They are what our society uses as a gauge to determine the importance of a man - at least in relation to other men.


Twas the Night Before Merger

Twas the night before the Merger, when all through the Net,
Not a Web site was stirring, not even devnet.
The stockings were hung by the chimney with care,
In hopes that St. PDF soon would be there.

The designers were nestled all snug in their beds,
With visions of OSX support in their heads;
And Ma in her 'kerchief, and I in my cap,
Put the PC on Standby and shutdown the MAC.


Sessions and Cookies and Bots (oh my)

Would you like to know how to create your own memory leak using the design of the ColdFusion Server to do it? Here's one way. Let's say you have a site that sells products from Narnia. It has a root folder that displays your products and prices. You've done a great job of creating friendly links for browsing your Narnia products. You have stuffed Aslan lions both friendly and fearsome, White Witch figurines, fauns, naiads, dryads, a toy lamppost and even a wardrobe for sale. Let's say (for the sake of argument) that you have 50 links to Narnia products just on your home page. If a user chooses to buy one of your products he or she clicks on "add to cart". At this point the user is taken into the "/shop/" folder to the page at "www.Nnarniaproducts.com/shop/cart.cfm". So far so good. This is how many online stores are organized and it's just peachy. But let's look under the hood, shall we?


Starbucks and the Roadmap For Peace

Everyone talks about world peace. People even say it's what they want for Christmas. But no one really does anything about it. I'm about to change all that. I have a plan that is so revolutionary, so ingenious, so incredibly innovative that some might even think my crack-pot idea is almost mediocre.


OPUB Syndrome - Why Sales Staff Over Promise and Under Bid

Have you ever been given a project with an estimate that was wildly low for the work involved? Have you ever finished a project that looked remarkably unlike the original requirements document? Have you ever been driven to finish a project 2 months before it was going to be ready?

In my second podcast I discuss the OPUB syndrome - why sales and management often over promise on features and time and under bid on the cost.


3 Constraints of Project Management

This is my first podcast. The topic is the 3 corners of project management.

  • Time
  • Money
  • Features

I will welcome any feedback on what I should be doing differently with my podcast. If you have experience please enlighten me. What format should I be using? What's the "standard" for size and quality etc. Thanks!




Blog provided and hosted by CF Webtools. Blog Software by Ray Camden.