Just back from London

@media Ajax was interesting. I have more than “interesting” to say about it, as you might expect, but I’m tired and lazy, and I’ll get to a fuller description of the high- and lowlights from my perspective sometime tomorrow. For now, I’ll simply say that Alex Russell is an impressive speaker, and that the guys from Ajaxian completely confirmed my opinion of the site (in short: they come at “Ajax” from an completely different world than I do).

For the moment, I suggest that anyone with a vague interest in security read Norm Hardy’s “The Confused Deputy”. It’s a brief article that raised the idea of capability-based security, which is much more relevant to your life than you might expect thanks to cross-site request forgery attacks. Afterward, if you’re ready for more, read Dan Bernstein’s “Some thoughts on security after ten years of qmail 1.0”, which is an excellently practical discussion with an emphasis on trusted components that reminded me of the capabilities concept.

That should keep you busy while I jot down my various and sundry opinions of @media, and figure out how much of this week’s office drama I’m comfortable writing publicly about.

Also: “@media” is a terrible conference name from a search-engine perspective. Can’t we all just call it “atmedia ajax”? Or “atmediaajax”? Wouldn’t that be simpler for everyone? :)