Oklahoma State Security

How many of you heard about the data leak that occurred in Oklahoma? It didn't get as much press as I thought. Here is a good link to learn about the data leak that occurred. Why did it happen? Bad programming. Plain and simple, it was bad programming that caused this breach. How bad was it? Anyone that had data stored because of a criminal offense was vulnerable.

The sex offender website used a query string to bring back data. Unfortunately, they stored the entire SQL command in the query string. All that was needed to get the entire database back was a 'select * from xxxx' in the query string instead of what was there to begin with. As an application developer, I am appalled that someone could put that kind of code into production. That is a huge security threat and such a basic mistake.

Pic Lens

My roommate found a nice plug-in for Firefox today. It is called PicLens and shows online photos and videos in a large wall format. This works with Flickr, deviantArt, Facebook, Google Images, Yahoo Images, etc. This is basically just a large scrolling wall that displays these items. This tool works in Internet Explorer, Firefox, and Safari.

The idea is great and something like this should be available in iTunes to support album art scrolling.

Carlson Etiquette Dinner

I attended the Carlson School Etiquette Dinner sponsored by Protiviti today for Business Week. The dinner was delicious and I learned quite a lot by about how to act at a professional dinner. I learned various things such as the proper placement of utensils to indicate whether you are done with a dish, the proper way to consume soup, and the proper way to hold a glass with a stem. I also learned that the garnish on a plate is used to hide unsightly pieces of food such as pits of olives and bones in a meat. I also learned that the clinking of glasses in a toast is to drive away evil spirits.

Carlson School of Management and ClubMIS

I would like to announce that ClubMIS of the Carlson School has held elections and yours truly is the new CIO. My duties are to maintain the website and to organize, keep, and provide information for the group. It is also everyones responsibility to try and raise awareness about the club and to help increase attendance. We'll see what next year brings, but I am looking forward to taking on these duties and trying to help the club improve. One thing I would like to see happen is that IDSC classes have information about them other than what the University publishes. I would like to consolidate student knowledge about these courses to help future students decide what classes they would like to take.

ORM and NORMA

I would like to introduce all of you to the best database modeling scheme out there. There are many modeling schemes, ER diagrams being the most prevalent, but these do not adequately model database structure. ORM or Object-Role Modeling has been created by Terry Halpin and he has produced his tool, NORMA, that allow you to think the real world in real terms. Everything is thought of as an object and objects are related to one another. In ER diagramming, groups of attributes are clustered into entities and this can produce what is called "table think" that does not accurately portray real life. NORMA will also generate the relational model, the database scripts, and if you put in population details, it will generate tests for you as well. This program is an add-on for Visual Studio 2005 and for Visual Studio 2008. The added benefit of using ORM is that is based on fact sentences. These sentences can easily be validated by users for trueness. Learned correctly, ORM will produce correct database structures that are normalized and that can easily be extended should the need arise.