Another episode of PHP in Sweetlake

Last Friday was another episode of PHP in Sweetlake. We had a perfectly good plan, and a perfectly good schedule. So obviously that is *not* how things went down…

Due to excessive traffic between Rotterdam and Den Haag, our speaker Harry Verveer ran late. So as a time-filler, we watched a video on privacy by Georg Greve (board member of the Free Software Foundation Europe and CEO at Kolab Systems AG). The video was prepared as a keynote for the government “AlertOnline” campaign that Hans de Raad and Wouter Parent have been involved in. I felt there was *a lot* of food for thought in the video. You can read what I picked up from Georg’s talk at the bottom of this write-up.

Harry Verveer gave his talk on the lost art of UML. While he himself marked most of the types of UML diagrams as obsolete (painful reminders of being forced to draw diagrams in school), there are three types of diagrams still used in his workflow:

• The Entity Relationship Diagram or ERD: used to draw entity (database) relationships. This is still a very good way to come to grips with what objects and properties you are going to need, without diving into actual code.
• The Class Diagram: get a feel for what behaviour your classes will need to have.
• Sequence Diagrams:  explain concepts to non-programmers (like customers). All I can say about this is I want his customers! Most of my customers consider Sequence Diagrams to be abstract art…

Two basic benefits of using UML kept returning in the talk: drawing diagrams forces you into a birds-eye view. And: it’s cheap to refactor on paper. These are two pretty compelling reasons so I’d say if you don’t know these diagrams, learn a bit more about them. They might yet serve a purpose.

We finished with a joint discussion where I got pelted with stress balls in a live demonstration of a Distributed Denial of Service attack, we got a bonus security session where we were educated on how easy it is to compromise wifi and mobile phones (no mobile phones where hurt during the exercise, but TURN OFF WIFI WHEN YOU DON’T USE IT!), and finally a demonstration of Kali Linux.

Magic happened, nobody wanted to leave and we had to be kicked out by Hans at eleven…

Thanks to all the enthusiasm, a security workshop is being planned by WeSecureIT.nl for a future date! Stay tuned.

The Sweetlake PHP website is now on github. It is open source and will be online for about three weeks on the EngineYard platform. I tried to coax a free hosting account from EngineYard, but unfortunately they don’t have a programme for this, so the website remains a work in progress.

As mentioned previously, watch Georg’s keynote and my thoughts on it.

Keynote on Privacy by Georg Greve (you might have to refresh the page)

We’ve all heard about the NSA’s Prism program by now, and we’ve learned from the leaks by Edward Snowden what the Intelligence Agencies are up to regarding collection of data. What is surprising, Georg says, is that we’re surprised. Because it’s hardly news… the question is, are we going to do anything about it?

Google, Facebook, LinkedIn give you “free” products and then base their business model around selling data about your behaviour. (If you’re not paying for a service – you’re the product). A good example where you can experience this for yourself is Google’s customer support. Users say it’s slow, inaccessible, and in short, awful. But the truth is: Google’s customer support is very good! But you, the product, are just not entitled to it…

And ask yourself: can you truly allow your email to be parsed for “advertising purposes” when you’re receiving confidential information? Do you want Google to know about unhappy employees even before you do and so target them with ads of other opportunities?

Hans de Raad will be taking this further in our next session on December 6th. Don’t miss it!

Ramon de la Fuente; Father of two kids, one company and a user group called SweetlakePHP…