django Password Storage - Basic Security Part 1 NB-1: This is the first post in a series [https://coffeeonthekeyboard.com/best-basic-security-practices-especially-with-django-697/] of posts on web application security. NB-2: Fred [http://fredericiana.com/] wrote a great post on password storage [https://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/]. You should read it. I’m assuming we’re talking
django Best Basic Security Practices (Especially with Django) Or: Locking Your Doors This goes along with a talk I gave at Django-NYC [http://www.djangonyc.org/events/70626822/] in July 2012, but is meant to stand on its own. It is the first in a series of posts, because I realized it was too big for one. Security
django Putting My Slides Where My Mouth Is I’m giving a talk tonight [http://www.djangonyc.org/events/70626822/] at GetGlue [http://getglue.com/] on web app security, particularly with Django. Over the next several days—starting tonight—parts of that talk will be posted here as blog posts (I’ve realized there’s too much material
High MySQL CPU Load Today? Quick Fix If you started seeing a load spike in MySQLd (or apparently Java) processes this morning, it may be the fault of yesterday’s leap second. Apparently due to tides slowing the rotation of the earth [https://twitter.com/neiltyson/status/219042429653889026], there was an extra second added to 30 June
meetup Calling all Mozilla Community Members in New York! Are you a Mozillian? Are you an add-on author or web developer or an avid Firefox user? Do you think of yourself as part of the Mozilla Community, and are you in or around New York City? Then I’m talking to you! We have a Meetup group [http://www.
Code Where are James' Slides? I give a lot—well, I give some—talks, but I never give the slides out. And, as far as I can remember, no one has ever asked for them. I know people, people who speak a lot more than me [http://stevesouders.com/], who put all their slide decks
Code Why Django Sucks, Except When It Doesn't Ken Reitz [https://twitter.com/kennethreitz] is a smart man. Very smart. Smarter than me. He’s responsible for some of the best [https://github.com/kennethreitz/flask-sslify], most widely-used [https://crate.io/packages/requests/] Python libraries out there. So when he talks, I listen. And recently, he talked about
That's What He... is Sorry For Two recent blog posts have called me on my bullshit and I owe everyone an apology. First, Jessamyn Smith wrote about Fighting Sexist Jokes the Geeky Way [http://geekchick77.dreamwidth.org/472.html], and then Katie Cunningham—whom, though we’ve never met in person, I consider a friend from
Developing a Culture of Testing I say this all the time, but Mozilla’s webdev group has grown a lot [http://blog.mozilla.com/webdev/2011/08/08/pragmatic-growth-from-2-to-40-in-4-years/] over the past few years, and I don’t just mean in size. We’ve become better engineers, a better team, too. One key aspect of
Better A week or so ago, I needed to say that I wasn’t OK [https://coffeeonthekeyboard.com/not-ok-627/]. Thanks to everyone who offered support and kind words, and especially my cousin Jono who drank beer and talked about Star Wars and other things that don’t matter at all. That
Not OK I’m not doing OK right now. Why is that so hard to admit? It’s nothing big, it’s just a hundred small things and they all happened at the same time and it feels like I can’t win right now. It feels like if 12 hours could
mozilla Performance is a Feature What do I mean when I say “performance is a feature?” For a long time, I got this wrong. When I explained myself, I’d say that performance was as important as any other feature and worth spending as much time on as any other feature, and you shouldn’t
apple Thank You, Steve Thank you, Steve [http://www.apple.com/stevejobs/]. I didn’t really realize until today exactly what I owe to Steve Jobs’ vision and dedication. So much of my life and career has been influenced and guided by an interest in screwing about with computers that goes back to the
developers So You Want Me to Hire You I vacillated quite a bit on the title of this post. It is, after all, not me that is hiring you. Nor do I have the power to hire folks at will: it’s a team decision. But I also don’t want to claim to speak for anyone else,
continuous deployment Acronyms you should know: MTTD and MTTR If you’re a SUMO [https://support.mozilla.com/] contributor, there are two acronyms you will start to hear more often from us developers: MTTD andMTTR. They mean “mean time to detect” and “mean time to resolve,” respectively, and they refer to how long it takes to detect an issue
Say hi to Scottbot UPDATE: Scottbot has been removed from GitHub and will not be coming back. Find out why [https://coffeeonthekeyboard.com/thats-what-he-is-sorry-for-651/]. After talking about it with Fred [http://fredericiana.com/] for a couple of weeks, I sat down this morning and started scottbot, an IRC bot that will learn how to
damnproud Pride and Joy: Firefox 4 is Out! Since it was officially released around 7 hours ago, Firefox 4 [http://www.mozilla.com/] has been downloaded nearly 2.4 million times [http://glow.mozilla.org/]. I feel many things today. I’m deeply proud and humbled to be a part of the Mozilla community and contribute in my
api The Thing About Twitter The thing that bothers me most about Twitter’s API announcement [http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c82cd59c7a87216a?pli=1] is that very few of the most useful features of Twitter were actually their ideas. * Hashtags. * Retweets. * Location. * Search. * Lists. * Conversation view. * Inline images and links. * Short
continuous deployment A brief SumoDev update A little while ago [https://coffeeonthekeyboard.com/sumo-in-q2-563/], I said that I thought we got a B in Q1, but we could move up to an A with a little more work. (This is my favorite grading system: everyone starts at 0 and works up.) Well, we landed two things:
mozilla Weekly Update for 11/3/11 Been a busy week! * Helped run down an issue with our ads on Reddit. * Updated django-multidb-router [https://github.com/jbalogh/django-multidb-router]. - Learned a little about ContextDecorator [http://docs.python.org/dev/whatsnew/3.2.html#contextlib]and how to do that in Python 2.6. * Shipped SUMO 2.6.
mozilla Weekly Update 04/03/2011 OK, in line with my 2011 goals [https://coffeeonthekeyboard.com/2011-goals-520/] and because I’m sick of not remembering what I did last week, I’m restarting the weekly update posts. I hope you like hearing about the minutia of my job! (Just kidding. I write these for me.) I’
django O Hai Django AdminPlus Last night, as happens sometimes, I was wishing it was possible to add some of our custom admin views to the Django admin’s index page. It’s kind of a pain to have to type the URL every time, especially when talking to other people: “It’s in the
kitsune SUMO in Q2 At the end of 2010, I issued a challenge to my team: deploy support.mozilla.com continuously [https://coffeeonthekeyboard.com/the-future-of-sumo-development-511/] by the end of 2011. So, as we move into the last part of Q1, how are we doing, and what’s next? So Far This quarter we’ve
comet The Future of TodaysMeet This is the second half of a two-part post. Start with part 1 [https://coffeeonthekeyboard.com/the-problem-with-todaysmeet-550/]. TodaysMeet [http://todaysmeet.com/] is an interesting challenge because it has components that are absolutely real-time and should be built like a messaging system, not a CMS, and parts that aren’t real-time
architecture The Problem with TodaysMeet TodaysMeet [http://todaysmeet.com/] is a project I started in 2008 to help my father [http://speedchange.blogspot.com] solve a problem in one of his classes. The fact that it’s as popular as it is—mostly in education—never ceases to amaze me. Unfortunately, I don’t give
