Large Robot is a collection of articles, links and other odds and ends from Christefano Reyes (that’s me!).

Better Sleep Through Web Security

Drupalgeddon - image courtesy of Fuse Interactive

This Thursday I'm presenting on Better Sleep Through Web Security, an in-depth overview of web security, what to do if your website is hacked, and how to sleep better by following basic web security best practices.

It's at the beautiful Fuller Theological Seminary in Pasadena, California, and there's a video conference for those who can't attend in person. The meeting is from 6-8pm Pacific Time and we'll launch into the security talk after some quick intros and raffle prizes.

It's been about a year since I last gave a talk on internet security, and the recent Heartbleed, Shellshock and POODLE (and now "Drupalgeddon") vulnerabilities that hit the mainstream news in Forbes, the BBC and The Register have prompted me to dust off my slides and update them for some of the internet security threats we face today.

This particular presentation goes into some detail about the "Drupalgeddon" vulnerability, officially known as SA-CORE-2014-005. It allows attackers with specialized knowledge to send requests to any unprotected Drupal website that result in arbitrary SQL execution, which in turn may lead to privilege escalation, arbitrary PHP execution and total server control. Scary stuff.

I hope you can join me. If you haven't heard of Drupal or aren't interested in general web application security, you can skip this one (unless, of course, you just like the sound of my voice). If, however, you make websites for either fun or profit, this is a great chance to get up to speed on some security best practices, including common attack vectors, what to do if your site gets hacked, and the differences between security and privacy.

Open Office Hours

Can you imagine a world where service professionals donated a percentage of their time to mentoring others? From lawyers to glass blowers and metal workers to web developers and dentists and rock climbing instructors, each one of us has a skill that other people admire and want to learn.

The idea of sharing one's experience and expertise is as old as history itself. It connects us, builds community, engenders trust and moves us forward on humanity's path of constant improvement.

Recharging batteries

Once again, I'm leaving the phone and email behind and am taking off for a few weeks for a much needed vacation.

Christefano is charging
[ * * * * * * * . . .] - 70%
Estimated time to complete: September 9, 2014

Due to the large amount of email I receive, the best way to reach me is to contact me again by phone or by email after I return. In the meantime, below is a fine list of links that might be helpful.

Coders with a Cause

Next month I'll be co-presenting at a conference for non-profits on the Coders with a Cause program we started at Droplabs, the coworking space and computer lab I co-founded in 2011. One of the subjects is on "community barn raisings" and how we work to harness the good will and technical expertise of our software developer community to aid non-profits who are in need of those resources.

If you're unfamiliar with the "barn raising" term, I'll get to that in a minute.

This presentation is just one session among many at the conference, but it's on a topic that's very close to my heart. I'd like for this presentation to cover as much as possible within its allotted time and I'm requesting input, ideas, questions — and even answers from everyone reading this — to make the session the best it can be.

Save me, I'm going to GLADCamp!

GLADCamp, the Greater Los Angeles Drupal Camp, is coming up in a couple weeks and I'm helping organize a couple events that make up the conference program. I'm incredibly excited, and at the same time I'm feeling like I might be going out of my mind.

Depending on where you are or how far you're willing to go, this kind of event just doesn't happen very often (if at all). We have a non-profit summit, a job fair, an employers summit, a barn raising for a non-profit and our first-ever website performance speed competition.

That's in addition to a general DrupalCamp with keynotes, sessions, BoFs, trainings and code sprints.

Recharging batteries

For the first time in 8 years, I'm leaving the phone and email behind and am taking off for a few weeks for a much needed vacation. This is the first time I've unplugged since plugging in back in the early 90's.

Christefano is charging
[ * * * * * * * . . .] - 70%
Estimated time to complete: September 9, 2013

Due to the large amount of email I receive, the best way to reach me is to contact me again by phone or by email after I return. In the meantime, below is a fine list of links that might be helpful.

GLADCamp finds a home

GLADCamp, the Greater Los Angeles Drupal Camp, has found a home at the Hilton Pasadena in Pasadena, California, and is March 7-9, 2014. I posted a report of the site visit to the venue earlier this month, but the ink on the contracts is only now just drying.

For anyone who knows of GLADCamp's brief history, this has been a very long road for the conference and our organizing team. Coming to an agreement with the Hilton Pasadena is a large milestone for us. Now that both the venue and the dates are set, we can begin planning our general conference dedicated to all things Drupal.

Finding a Couchsurfing.com replacement

With the "digital nomads" breakout session at DrupalCon Portland still on my mind, I came across an intriguing blog post today by Nithin Coca about the "rise and fall" of Couchsurfing. For me, one of the big takeaways from reading the post is that Couchsurfing.com went commercial last year. Nithin Coca's argument is that as a result of its commercialization, its business model makes room for "quantity over quality" and the site and its community have gone downhill.
