Fosdem 2009

Hello,

A couple of weekends ago I went to Fosdem 2009. This is my report of the talks I went to. I choose to go to the security track and to go to the mysql developer room.

The first talk I went to was OWASP Testing guide v3 given by Matteo Meucci. The OWASP testing guide is basically a must read for everybody these days. Back in the good old days when the internet used to be static it was easy to make a website and then things suddenly got more complicated which added nice features that have lead up to web 2.0. Like most of us know everything has a price. As websites get more "layers" of complexity, the more layers that will require you to look into to secure them. The OWASP Testing guide v3 does this. It is a nice example of structured knowledge about what there is to know about making a secure web app.

The other security talk I went to was Fusil by Victor Stinner. I just know what a fuzzer is but never played with one and learned a lot from it :). I asked Victor why he coded Fusil since he clearly states that there are other fuzzers out there. He answered me by telling me he is a hacker and wanted to write a fuzzer. You just got to love such an answer :)

The rest of my day I sat down in the dev room of MySQL. I am not a developer myself (although I write my own code occasionally when I need something). It was very interesting. The first talk that I went to was about mysql clustering. Geert Vanderkelen introduced us to the basics of database clustering and I learned a lot. The following MySQL-talk wasn't actually a talk. It was Kaj Arnö, who asked us what we liked, disliked and how we would like things to be. It is nice to know that MySQL still is listening to its non-commercial user base.

I 've seen some strange partitioning at customers in Microsoft SQL and was curious about Giuseppes Maxia talk. He gave the best explaination about partitioning there is and I will use his example to explain the advantage to those customers who need it and those who implemented it in that 'not so efficient' manner. He showed us the map of Brussels and tore it appart and showed us visually that it was far more efficient to find something on only a part of the map than on the big map. He got an applause for this.

The last talk I went to was about database sharding. I never heard the word before and it was Jurriaan Persyn who gave that presentation. It is still not clear to me how it works but it seems to me that is not the easiest thing to accomplish. There were some guys in the room who were asking a lot of questions and their questions were not actually about sharding but about availability issues and at a certain point it became annoying that Jurriaan wasn't talking anymore about his subject.

It was a long but very interesting day and I look forward to do stuff with all the new knowledge I gained and was happy to meet so many interesting people.