Open Source Bridge 2012, day 3
Open-source processes for security vulnerabilities: The speaker works for ISC, and the talk focused on a different software level than what I usually work on. But I still pulled some pearls from it, such as security bug classification, and security vulnerability terminology.
Privacy and Security: The speaker works for Mozilla Labs, to which I had once applied to for a job, and which eventually tossed application into a black hole. Heh, I won’t hold that against him. ZOMG, I just realized the speaker is married to a someone I knew in High School! A good summary of current challenges in user privacy controls within modern browsers.
Usability Testing: This talk seems to have two levels, one lower and one higher, than what I expected.
Continuous Deployment using Dreadnot: Hmm, a talk by a Rackspace employee. This seems like an OK technology choices for CD; though the Chef, Knife, ssh, and node.js interactions seem like a kludge tower.
I want to move IP Street to CD, but that’ll take some time. Our biggest challenges would not be CD technology selection, but in the prerequisites for good CD. We’d first need to greatly improve our monitoring, instrumentation, and analytics before we try it. This would need about three person-months of effort, which is a lot of time in a small start-up.
Pro-style Code Review: Not sure what “pro-style” means, but I’ll find out soon enough. I’ve been dissatisfied with the code review situation at work for some time, and when I’m not putting out fires I sometimes think about improving it.