I shall have a think though, maybe an hour on “The internet is evil; some tips to keep your website alive?”

I regret now not covering event validation; where you can send fake postbacks to a page and trigger events on hidden controls. Much amusement for that one

As for what I would like to have seen ..
Well first, the XSS/SQL injection attack details and the other stuff you mentioned are important and are certainly worth more than just a fleeting mention.
I guess in addition, I would expect something like – How do you prepare your website to prevent D/DOS attacks. Or How to accept PIN numbers (for logging in, if you’re a bank for instance) but minimising the risk of exposing your PIN to a keylogger. (Maybe by displaying an online numeric keypad for example – with randomly positioned keys you click with your mouse)
Stuff like that I suppose.

Oh and the Javascript thing – I’m not sure if this is what you meant, but you actually can “do” inheritance, hide data etc. (although, admittedly, they don’t make it easy for you)
But yeah dealing with a prototype based language can be bit odd & you often you have to jump through hoops to get something you would take for granted in normal languages.
But its still a pretty interesting how Javascript is perceived now as opposed to a couple of years ago … subject for a my next blog post maybe

Your point is well taken about javascript, JSON scares me (if only because aggregation object creation is just not how I normally do things)

Hi Barry, and thanks for your comment. And sorry if I sounded like I was neck deep in misguided geek pride of some sort.

As for your presentation, I guess if it was meant to be basic it could be called something like “Top 5 things every web developer should know” (That would probably be a big hit too considering what flies on sites like delicious or digg nowadays). That would also have been a measured, constructive comment on my part – something that I obviously have to take classes in.

Point taken also about professionals in one area as opposed to others etc. I guess I often get the feeling that folks who dont know about web sites and developing for the internet somehow think of web development as some sort of a spare-time/passtime kind of thing. Simlilar to how ‘experienced’ developers felt about Javascript before people like Douglas Crockford came along. This was really a rant directed at this “its easy” kind of attitude.

As for the sense of humour comment – that was a personal jab & I take it back. Different people find different things funny and even that varies depending on one’s mood or the presence/lack of nicotine in one’s bloodstream. Even within the conference hall there were many people who were constantly giggling (and yes, it was more a “with” sort of giggle as opposed to the “at” kind ) – so I am obviously not with the others here.

The problem with going into more detail is it’s hard to give general advice that applies to everything, the more specific you get the less it applies to the majority of the audience. I could cover using “hacking” tools, but I honestly don’t feel that would be useful, without understanding why the problems occur.

Yes it was basic, but the mistakes are still made on a regular basis. Sure most people know about SQL Injection these days, but most people also believe that stored procedures solve that problem, which in some cases isn’t true.

Just because you’re a professional in one area, say database work, or middle tier doesn’t mean you know the problems of developing for the front end, or the web, hence the presentation, and the examples I gave (the MS store being a good one; you’d think MS would get their internal systems right, being professional et al.)

What would you rather have seen? What would have made it a useful presentation for you? Was the humour that bad? (It’s an interesting talk to give because people don’t ask questions that often until after when they can have a private word; hence the attempts at humour in order to get some sort of reaction; but yes, my humour is err, rather strange at times)

Feel free to drop me a mail, obviously I’m disappointed you felt the talk had no worth.