https sites can be spoofed!

In short, there are people out there that can take advantage of flaws in the md5 algorithm and can spoof about 35 precent of the https websites.

To do this they need to run a couple hundred computers for 3 days to generate the fraudulent certificate authority and be able to redirect the victim’s traffic through their computers (man in the middle attack)

Read more here
http://m.news.com/2166-12_3-10129693-83.html

What I did for Christmas

As I explained in a previous post, Carol and I did not go to Guatemala for this Xmas.

But things were not bad at all. We were planning on cooking dinner on Christmas eve, but as the day progressed, I did not want to stop coding and Carol was deep into card making so we decided to not cook and start Xmas eve at 6pm by eating at the Olive Garden.

I really like the food there. It is not one of Carol’s favorites but all of her top choices are downtown and they were probably closed because of the date.

After dinner, we came back to the house, watched a movie, and then waited for midnight to open some presents.

I’m not going to work until January 5th! And I’m really happy because my work load there has been above normal for a little too long.

Google Checkout and Thickbox on www.carolliska.com

As a holiday project I integrated Carol’s website with Google Checkout and added a nice open source javascript image viewer called Thickbox to the product images.

Please click around carolliska.com and see if you find a bug.

• Click on the product images to view what the Thickbox does; you will probably want to implement this on your sites.
• Add some items to the shopping cart and click the checkout button to test the Google Checkout integration.

Happy holidays!

Began going to the gym

It is snowing heavily today and it will keep going until Monday. Since there will be no biking until April, I joined the nearby gym to do some swimming.

I’ve only gone once and it was enough to remember the good and the bad about it. Swimming simply feels so great and I enjoy it a lot. But there’s a cold around the office and the day after the swim I started having symptoms. I don’t think the cold will get to be one of those major ones but I now remember that this always happened to me last year. If I feel like I might be getting a cold, I should not swim but rather do some cardio and weights. I enjoy cardio and weights as long as I don’t do them too often.

A little stressed at work

For the last 2 weeks I’ve been coding like crazy to get a new website going for Neumont. The teacher evaluations website. I had forgotten what it was like to code under a deadline since most of my projects at work do not have strict due dates I usually give estimates like "it will be ready in a week" or in "in a month".

This site had to be ready to take evaluation responses tomorrow. And I got it ready on Friday, a little too close than what I’d have liked. The admin pages and reports are still not 100% done but I still have a couple of weeks to finish that and that is plenty of time.

If you’re not a computer science nerd, you can stop reading now.

So this website has some pretty cool things and I’m proud to have completed it in just 2.5 weeks.

• It is active directory (AD) integrated so our students do not need an extra login to access it. They simply use the same credentials they use  to log in to their laptop. The thing that was hard about this was not talking to AD since the .NET Framework 3.5 has some superb classes to do this. The hard part was to get the ties between the AD users (students and teachers) and our Learning Management System (Moodle) users.
• It pulls the student, class, and term information from Neumont’s core Student Information System (SIS): CampusVue.
• It uses Linq to access the DB. Since Linq came out a long time ago, I’ve been using it as much as I can but this is the first big project that I start from absolute scratch since Linq came out. Linq saved me TONS of time and this is coming from a strongly typed dataset guru.
• I got to write some pretty cool WebControls to display the survey in preview mode, take mode, and results mode. All very organized, I used some of the good old design patters and I got to do some polymorphism. I feel like it’s been a year since I wrote something that took advantage of polymorphism; not because it is not useful but because I’ve been mostly maintaining code that I did not start.

I feel like my code is entirely hack-free and I love that. That is the advantage of starting a code project from scratch. Of those 2.5 weeks, one was dedicated entirely to Designing the solution (DB and core classes) on my whiteboards.