Just been looking through some of the graduation stuff from the other week and came across the class photo of those who also graduated as members of the BCS. This actually turned out quite well given that we were staring up at the sun while trying to look at the camera. Well done once more to the Applied Computing class of 2009, all the best in whatever you find yourself doing.
The full article can be found at: http://www.computing.dundee.ac.uk/newsandevents/newsdetail.asp?861
Hard to believe that my 4 years of student life at the University of Dundee are coming to an end today. In some respects this has been an uphill struggle, in others it has been a wonderful, enjoyable and rewarding experience. I have made mistakes a long the way, I have learned important lessons and I have worked hard to better myself not only as a software engineer, but as a person throughout this experience.
I was planning on collating a number of resources and tit-bits of information and then posting them to the internal mailing list at university, however I changed my mind and decided to write this post making what I have to say open to all. I hope it is of use to someone as the advice I provide here comes from real, solid, “Been there, done that, got the t-shirt” experience.
Not all of it may be relevant to you but it has helped me. Use the links below to view each page (I apologise as it is rather long).
[Update 06/07/09] – Need more proof of how social networking can ruin you if used carelessly? – http://news.bbc.co.uk/1/hi/magazine/8136395.stm (see 5. Be social but be responsible)
Â
University of Dundee
Hard to believe that this is now week 9 of my penultimate semester/term at Dundee University, time has just flown in. While this is normally a good thing I am left realising that the available time to work on my honours project is deminishing rapidly.Â
Â
My honours project is focused around the management of software projects and teams across more than one methodology or management style. In-keeping with the theme of the project, I am working under an agile approach and will be utilising a number of aspects of Scrum (user stories, sprints, user-centred development, etc.) and because of this I am keen to enlist the support of the development community.
I am looking for open-minded people who will have a little bit of time going spare from January to April to play the part of the “customer” or “customers” in my project. My supervisors are keen to bring real people into the development and felt it would be a good to get some input from people involved in the software development process.
I am still in the planning stages of user involvement but I am aware of the need to start finding people willing to help out.
Ideally I am looking for managers a developers and designers in order to get a good spread of expertise and requirements although I am not expecting to get exactly what I am looking for.
More details of the project can be found on my Honours Project page.
During work on a security module I have run into the question of whether or not I should use a CAPTCHA technique on user registration or if an alternative should be employed.
CAPTCHA’s in my mind are quite frankly annoying, like many other web users I have run into my fair share of those that either just don’t work or are very hard to read/interpret. Because of this I felt that some research into how good they actually are at preventing or reducing spam and automated bots from registering was needed.
A quick google for “CAPTCHA disability” returns an interesting article on the W3C [http://www.w3.org/TR/turingtest/]. I draw your attention to the final two paragraphs of the conclusion:
The widespread use of CAPTCHA in low-volume, low-resource sites, on the other hand, is unnecessarily damaging to the experience of users with disabilities. An explicitly inaccessible access control mechanism should not be promoted as a solution, especially when other systems exist that are not only more accessible, but may be more effective, as well. It is strongly recommended that smaller sites adopt spam filtering and/or heuristic checks in place of CAPTCHA.
Lastly, new approaches focusing on using exclusively visual or auditory means for access control, such as the “PIN Guard” mentioned above, should be scrapped until a reliable method exists for users who cannot access them to authenticate themselves. A short-term security benefit is not worth threatening a person’s autonomy by denying them access to such important data as their finances.
OK, So given that what I am working on is supposed to emulate a small e-commerce website, I can take that on board and I agree. So the question becomes do you abandon this kind of check and “sort it out later”? Or are there other things you can do?
I found a a blog post by Slobodan Kovacevic in which two non-discriminatory approaches are explained, they are not a 100% guarantee against spammers but they can help reduce the impact.
The first one generates a unique hash string in the page session where the form to be protected is located when the GET request for the page is received. When the form is submitted the hash is validated and if they do not match the request is denied as it means that a direct POST request was sent. The idea is that anyone who wants to send the form data has to visit the page with the form first, it prevents automated form submissions over POST. As Kovacevic points out this does not prevent someone paying a human to process form submissions by hand but it does add an unobtrusive extra measure with a very small overhead.
The second idea is to use CSS (and maybe some JS as well) to place “bogus” form fields on the form using names that bots will commonly fill out. If any of these fields contain data when the form is submitted the request will be denied. Downsides to this approach are two fold; First if the user disables CSS or JavaScript (or is using technology which does not use either) the fields will be visible and can potentially cause confusion, two name fields for example. Secondly it feels a little, well “clunky” to me, generating extra HTML just to catch out spam bots? I could be wrong but I can’t help but wonder if that violates one of the unwritten laws of web design.
This is not a huge considderation in the grand scheme of things, but it does pose some interesting questions. If anyone has any ideas or comments on this, please let me know.
Today saw the end of one of the largest pieces of on-going coursework we have done at university thus far. 6 people working together in a group for 6 weeks using a methodology that only 1 of them had any solid knowledge of at the beginning. So, how did it go?
Putting aside the differences in experience and ability, pretty well. I find it hard at times to accept that I have an advantage over many of my peers in that I have more experience in development and methodologies. I read the articles and the books, I play with the tools and I learn very quickly.
It took time but the group really began to work closely together and especially in the 2nd sprint were able to work around tasks and keep things moving along. Communication became more free flowing and a bond formed that made working together much easier.
I think everyone has benefited from this project and has taken away something valuable from it. To get hands-on experience of both Agile and Waterfall approaches to software development before entering the industry is not something I would say is common and I think it has been a great opportunity for everyone.
I am not a fan of rigid designs and reports, they have their place but often they stifle productivity and creativity. Agile is growing and I am quite sure that at least once in their professional careers the other students will work in a team that uses an agile approach. By having this experience they will be more prepared for it.
I want to say well done to the team for this amazing effort, you all did well and hopefully you enjoyed it as much as I have.
I would like to say thank you to our Customer (although I doubt he will ever read this, doesn’t hurt to be courteous), Colin from Live and Lets Dive for presenting us with this challenge and for supporting the students.
And finally I would like to thank Janet for the hard work and effort she has put into this module in order to make this as enjoyable and as entertaining as it has been. Thanks Janet.
And so the end, well only of this project. The blog continues, university continues and my never diminishing quest for knowledge continues. If anyone outside of Dundee University has been reading this, I do hope it hasn’t bored you senseless or left you wondering “what on Earth?”.
Oh, and can I haz ur blocks?
| © 2011 Andy Gibson Header image courtesy of Don Solo |
Suffusion theme by Sayontan Sinha |
