My Thoughts on FOWA Dublin
This post is a little late, I've been upgrading my blog.
A couple of weeks ago I attended the FOWA "show" in Dublin. The use of the word show is from the organisers Carsonified - not myself - and there was definitely a frustrated rock star air to the whole thing. Words/Phrases of the day were "Awesome" and "Kick-Ass" and the fuck count was up in the twenties within the first hour.
The highlights of FOWA for me were as follows:
Being introduced to Balsamiq Mockups an nice little tool for producing wire-frames of web page layouts, though as Elliott Kember points out - in a rather long winded blog post - it can be dangerous in the wrong hands. Business users could suddenly think they are UI designers who can do your job for you.
Simon Willison gave a good presentation on security. He talked about XSS and SQL Injection which we should all know about but also CSRF and Click Jacking. If you aren't familiar with the latter then you should be. In summary, consider the following when developing web applications:
- Don't modify data in get requests.
- Keep Sessions short.
- Don't use a remember me function (either as a user or developer).
- Add a hidden field to your forms containing a server generated token which should be validated when a form is processed.
I know I haven't given reasons for the bullet points above, but they should be fairly obvious. Hopefully Simon's talk will appear online somewhere.
Finally, Robin Christopherson of ability net gave a presentation using a screen reader. Interesting points raised were:
- Auto playing media with sound drowns out the voice of a screen reader making it impossible to navigate a page.
- Badly written alt tags really mess up the usability of a page. Despite the fact this is such a well publicised issue massive amounts of developers still don't provide meaningful alt tags.
- The audio equivalent of Captchas are frequently unintelligible, despite offering to provide manual assistance during signup large organisations - including Google - frequently don't.
I'm now committed to never placing a Capctha on any site that I work on in the future.
Other than the above, the conference was largely uninspiring (for me). David Heinemeier Hansson from 37 Signals was entertaining but delivered a motivational speech rather than anything technical. Blaine Cook (of Twitter fame) came frustratingly close to saying something interesting on several occasions but ended up delivering a very high level and fluffy talk on social networking. The guys from Contrast had a good delivery style, but I didn't need to be told that the web is full of conventions and cliches, I work with it every day. I know.
Anyone else who spoke just fell of my radar. That isn't a criticism, maybe I just wasn't the target audience. I know this post may come across as being overly negative but it honestly isn't intended that way. My kind of conference just involves more tech and more innovative cutting edge stuff.
I'd be interested in going to FOWD in London, they have two tracks as opposed to the one offered in Dublin so you can pick and choose your speakers.
So that was my 5 minute summary of FOWA Dublin. There are a load more posts all over the web complaining about the WIFI, coffee and praising/slating various speakers. I've just picked out the bits and pieces that were relevant to me.