Wow. Things have been busy and I have been neglecting my blog. I feel bad about that. My blog is so important to me, and things have been keeping me away.

I am a teacher at heart. I love to teach. That is why I blog, that is why I present at conferences, and that is why I am going to grad school. So the fact that I have been unable to blog for a while upsets me greatly. But I want to tell you a little bit about why. This is not about making excuses. This is about what is keeping me busy and what I am learning about. It will also motivate me to blog about these things, and that's the important part.

[More]

Some of you may have noticed I have been quiet on my blog this summer, but I assure you, it is only temporary. I have been busy with grad school, family, instituting a lifestyle change to allow me to get healthy, and finding a new job.

[More]

Rafal Los has a short, but eye-opening post on the X-Rumer link spamming tool from Russian BotMaster Labs.

This is some scary stuff and really shows that CAPTCHA is become less and less useful in the fight against comment spammers.

[More]

My wife and I are leaving in the morning to go on a week long vacation. It's been a while since we've done this, so we are looking forward to it. I'm sure going to miss the kids though. Our two children will be staying with my parents.

We are renting a cabin in Northern Minnesota (near Fargo, ND) and we are going to relax. It should be nice, especially with my new Kindle DX to help pass the time. I am looking forward to doing a lot of reading, and resting. We may do some fishing and boating. It should be a blast.

I was going to try to schedule some security tip posts for while I was away, but it just didn't happen. But I will probably work on some while I am away, so hopefully I will have some fresh content ready to go when I get back.

This is my first ever product review, so don't expect much.

I opened up my Amazon Kindle DX last night and my first thought was that I was over whelmed by the packaging. I had to open the outer box, tear off a paper sleeve and then open an inner box. Opening a lot of boxes makes me nervous. I think because I get the feeling that it will make it impossible to return if I can't get it all back in the way I found it.

The Kindle itself was, of course, in pristine condition. I read the instructions (no really I did), but they were short and to the point. Plug it in - Turn it on - Start to use.

[More]

Many of you who looked at my "Let's give some stuff away" post this morning probably saw only one thing (a 12robots.com t-shirt) among the available choices to win. This is because Amazon's affiliate programs web service is less than reliable, and I sometimes forget this.

Please, go take a look again. I have put in new information for the items that i will be giving away with non-affiliate links to the items.

Sorry for the confusion.

As an effort to promote application security awareness in the CFML community, I am going to do a little bit of giving things away. Specifically, I am going to be giving away some security related items.

As many of you know, I am very interested in Application Security. I am always trying to learn more about it and encourage others to learn more. Application Security is becoming more and more important even for our simple applications.

So to help encourage learning about application security, I am going to give away some of these security related learning materials to the good people of the CFML community who provide substantive comments on my blog.

[More]

In the past I have tried to make my blog posts very detailed. As a result, they tend to be long and take a very long time to write, which results in fewer entries. While this is not necessarily a bad thing, I would like to try to post more often. As a result, I have decided to start doing shorter posts that are general "tips" in secure web application development.

[More]

So I thought I would take a few minutes and blog about what I am working on. I don't expect anyone to care. Feel free to stop reading. I just wanted to write about something that does not require hours of research. I also wanted to just write SOMETHING, to get me back into it so that I do not become to lax in my blogging.

OWASP ESAPI for CFML

[More]

I have been evaluating Balsamiq Mockups this week to see what it is all about and to determine if I want to try to get it at work.

Balsamiq Mockups is a tool (built with Flex and Adobe® AIR) used to mock-up site designs and layouts. It has a really easy-to-use, drag-and-drop interface with a LOT of customization options. It has a huge variety of web site elements for you to drop into your mock-ups. In about 15 minutes I was able to put together this:

[More]