Recap: Refresh the Triangle Holiday Meeting

Clinton R. Nixon, Senior Developer, December 07, 2007 0

Yesterday, I had the honor of speaking at the second meeting of Refresh the Triangle. We were hosted by Shoeboxed.com, a local start-up, and their space accommodated the crowd of about 30 people nicely.

My talk was on techniques for securing web applications, and common security holes to look out for. After a very inspiring similar talk at Refresh DC, I was definitely excited to share my knowledge about security with the mixed group of designers and developers and show off the glaring holes in some Ruby on Rails and PHP sample applications. As a presentation geek, I wanted to try out a more experiential technique, using demonstrations instead of slides. The crowd got involved, asking great questions about topics like Cross-Site Request Forgery and laughing at the insecurity of “Upload King!” and “Festival of Bookmarks.” The demo code and security resources are available for you to enjoy.

As is Refresh custom, a post-meeting meeting at a local pub inspired great discussion and showed what a vibrant group of web professionals we have in North Carolina. We’re very lucky at Viget Labs to be part of both Refresh DC and Refresh the Triangle, and we invite you to visit the Refresh the Triangle site to suggest future topics or find out about upcoming events!

Posted in Events on 12/07/07 0 comments

Trackback: Yesh.com :: Brian Russell » Techies Building Community in RDCH on 12/07 at 05:22 PM [...] NoVaRUG, Ruby Hoedown, TriPUG, LoneStar Ruby Conference, Rails to Italy, Raleigh.rb, RubyConf, and Refresh the Triangle. We plan to continue doing speaking engagements again in 2008 – introduce yourself if you see [...]----- [...] by the folks over at Viget Labs. A new web design consultancy in Durham. Last night they had an event. Sadly I couldn’t attend. Next time [...]-----

Next entry: 2007: A Development Lab Recap

Previous entry: RubyConf Recap

A Development Community for Viget Labs and Beyond

Every team member here at Viget Labs strives to be an innovator. We members of the development team are no different - that's why we're constantly engaging in community discussions and exploring the unknown that is the next generation of open-source web applications.

Viget Is Hiring!

Viget has job openings for Ruby Developers, Interns, and Front-End Developers. Learn More »

Recent Comments

Hi Matt - thanks for the great post! This looks like a very cool way to configure a server - I have one question and excuse my ignorance (Linux newbie): Why do you need to create a “deploy” user at first (as opposed to just using the root account)? Is that actually necessary for running setup_env, or only needed later for regular deployment? Thanks!

Markus on 'Building an Environment From Scratch With Capistrano 2'.
Jörg Battermann on 'Installing Sphinx on OS X Leopard'.
Ben on 'Right Way/Wrong Way: Closed Betas'.

Tyrant

Tyrant was born out of our need to have non-developers work alongside us without requiring a full Rails stack running on their local machines.

Ideally, Tyrant runs (via mongrel) on a development server with multiple user directories that contain SVN working directories with Rails applications. Upon startup, these applications are listed in a user's dashboard and Tyrant provides the interface to start and stop each one. The configuration settings dictate the available port range, and as a new application is started it will grab the next one available.

Development Blog: Post