The Dopefly Tech Blog

« The Dopefly Tech Blog Main page

Yes, I will be at CF.Objective() 2013

posted under category: Life Events on May 2, 2013 by Nathan

I will be at CF.Objective() and I hope I will see you there, too!

Here are the sessions that I have a good probability of attending. There are so many great ones, as usual, and most of these were hard decisions, so they are not set in stone. I'm just so excited to be going, I had to share!

Thursday
Writing Secure CFML with Pete Freitag I keep hearing great things about Pete's security talks, and in previous years it was either in a time slot against something else I was interested in, or that I was talking for.
Go Node Without Code with Brian Rinaldi Node interests me in the way that I believe server-side JS is the future, but I think Node isn't the way to go, so Brian's talk sounds interesting.
Railo's Top 10 Developer Features with Mark Drew Railo always interests me, even though I don't run it anywhere in production.
ORM, noSQL and Vietnam with Sean Corfield Just like Sean always does, he pushes us to the edge of cool development practices & technologies.
Mura 6 for Developers with Steve Withington Steve is a big Mura fan, I'm betting this will be awesome.

Friday
How WebKit Renders Web Pages with Elliott Sprehn Because Google is amazing so everything Elliott talks about is like magic.
Semantic Markup with HTML5 by Christian Ready Don't know how much I'll learn, but I do love me some hypertexts.
How Groovy & Grails made me a better CF developer with Scott Stroz I've played with Groovy a bit but am curious about how to get into more.
Who let a bum into the kitchen with Nathan Mische I've heard about these quick dev server setup tools, but am unsure how or why, so this will probably be over my head, which I like.
JavaScript Enterprise Workflows with Jeff Tapper This is something I honestly want to improve on and teach to my co-workers.

Saturday
Deep Dive: The ColdFusion 10 Scheduler with Rob Brooks-Bilson Something I plan to use soon, but mostly I just want to know more about it. I may skip out to Charlie's IIS8 session for the second half, not sure.
ContentBox with Luis Majano I'm interested to see what Luis has done here.
Git Workflows with Tim Cunningham I've done my homework but I always want to know more about how best to structure my Git setup. Not sure about this versus ElliottZ's second session. Or Brad Woods' Agile talk. Too many good ones in this slot!
Building Modern Web Apps with Adrian Moreno Sounds like a lot of things that I'm doing, I like to see how other people put it together.

Again, these are highly subject to change, and again, I'm excited!

(Discuss with Disqus!)

Yes, I will be at MAX (kind of)

posted under category: Life Events on May 1, 2013 by Nathan

If you are in the Adobe User Group Managers group, or the Adobe Community Professionals group (or any other related groups), then you know about "The Summit" we do every year. It's a free event Adobe does for us, we talk about the community, we talk about improving things, and then we have a party!

This year, the Summit is only a half day on the Sunday before MAX, and I will be there! I can't stick around for the conference, I don't have the time (but thanks to Megan for offering).

I'm driving my wife & kids across from Phoenix to L.A., on Sunday, for the Summit, then driving back on Monday. It's not so glamorous, but my kids haven't seen the ocean in a couple years.

So anyway, if you want to say "Hi" to me, you have like 6 hours. See you there!

(Discuss with Disqus!)

Monty Python Uses Correct 3-Factor Authentication

posted under category: General on January 10, 2013 by Nathan

Let's talk movies and security for a minute. Obviously Hollywood has proven they don't know computers, don't know hackers and don't know security - they know fun stories and special effects, but there have been more awful portrayals of computing than good ones.

Single-factor authentication has been deemed bad form on the internet, and easily bypassed in movies. We have all seen where someone knows the password or cuts off a thumb for the fingerprint scanner. That's simply not enough security. In real life, most passwords in use are plucked out of the most used passwords lists. One single password is easy to guess, and it's obvious because people get their accounts 'hacked' all the time. Single-factor authentication is simply not good enough.

Two-factor authentication is better, but not perfect. Again, there are movies where voice and eye prints are stolen, or a password is guessed and a fake thumbprint is used. In reality, two-factor authentication comes around in the form of web sites that send you a text message or email when you first log in from a new device and you have to enter the code from that separate message. It is a huge step forward because now it's something you know (password) and something you have (access to the email or phone). However, if one account has been taken, how can you ensure a hacker has not also obtained access to your email? It's not foolproof, but it's much closer.

Three factor authentication means "something you know" (password), "something you have" (email/phone/badge/fob), and "something you are" (finger/eye/hand print, face scan, etc). If anyone in any movie actually used this, the bad guys would win a whole lot less. Think about it. You can't just take a finger with you because you need their password. Guessing the password and hacking their email account still means you are missing the physical person. Stealing a badge leaves you lacking as well.

In Monty Python and the Holy Grail, at the Bridge of Death over the Gorge of Eternal Peril, the bridgekeeper asks three very important questions. Let's look at them:

1. What is your name? In authentication terms, he wants "something you are."

2. What is your quest? Could be interpreted as "something you have" though, to be specific, this is something you do not have.

3. What is your favorite color? What is the capital of Assyria? Without a doubt, "something you know."

When you think of computing and movies, Monty Python has all of Hollywood beat. You heard it here first, folks.

(Discuss with Disqus!)
Nathan is a software developer at The Boeing Company in Charleston, SC. He is essentially a big programming nerd. Really, you could say that makes him a nerd among nerds. Aside from making software for the web, he plays with tech toys and likes to think about programming's big picture while speaking at conferences and generally impressing people with massive nerdiness and straight-faced sarcastic humor. Nathan got his programming start writing batch files in DOS. It should go without saying, but these thought and opinions have nothing to do with Boeing in any way.
This blog is also available as an RSS 2.0 feed. Click your heels together and click here to contact Nathan.