⊠is over and I had lots of fun, met interesting new people and long-time-no-see âoldâ friends and had interesting discussions. I went to 2 presentations, the first by JĂŒrg Stucker about namics' internal multi-blog platform, quite interesting, as we currently build something similar for one of our customers (which was present, as well :) )
The second presentation was by blog.benbit.ch about XSS or as he put it âWie man sich mit einem Blog unbeliebt macht.â (in English: âhow to make oneself unpopular with a blogâ). While he's completely right that XSS is a dangerously underrated security issue and should be taken much more seriously (we blogged about it more than 2 years ago), his tone, arrogance (âat least one third in here will hate me nowâ) and technical half-knowledge was none the less a little bit annoying. One of his solution âdon't use auto-loginâ for example just raises the entry-barrier for exploiting XSS issues, but usually doesn't help anything to prevent them at all. But at least he didn't claim he's a technical expert, so I can't really blame him for that. Nevertheless an entertaining presentation and certainly opened up the eyes of a lot of people in that room, so mission accomplished :)
Now last but not least, a big thanks to the organizers, a well done âunconferenceâ, I'll be happy to come again next time.
More pictures by me at flickr and by the others and tons of blogposts.