Fall 2007

J12 11-16-07: View Response #5

Name

Derek Sessions 

Milestone Status: Gains made (If possible, include hyperlinks to what you mention here.)

Milestone report is here

My main work for this week has been on testing and security testing. I've been mostly focusing on SQL injection and XSS attacks for now, but I'll be looking into other things later (after I am satisfied with our security or at least our knowledge of security holes).

Also, I will soon be helping Matt 'encourage' people to work on features, i.e. annoy people until they start working on or finish up required features.

Milestone Status: Obstacles Encountered

Problems I've had this week:
  • I've never done too much security testing before, so I'm still learning the basics as quickly as possible
  • I am unfamiliar with our current security methods, which makes testing for now a bit more random

Milestone Status: Proposed Solutions

  • This is just a matter of constant researching and playing around with stuff. I'm fairly familiar with the basics from work beforehand and passing interest in the field, but I have never buried myself in it before. On the bright side, I'm having a lot of fun with it, so research is enjoyable and work is exciting, which always helps.

  • Starting this coming week, I am going to familiarize myself with all our security systems, such as protection from SQL attacks and how we do JavaScript stripping in the WYSIWYG editor. From there I'll cross-reference what we do with known attack vectors to try to find some new holes. However, I'm still nervous about the unknown/hidden ones...

Development Process: What seems to be working and why?

Everyone seems to be doing a great job and team organization is still strong. This week was a bit of a hiccup in terms of progress due to exciting projects like malloc and other work, but overall the general process is going well. No one seems to be angry at anyone else and it's easy to get people when you need them or ask a quick question about something and get it answered.

Development Process: What does not seem to be working and why?

Legal issues are the bane of our existence at this point. Between the beta delay, copyright issues, hosting issues, and the issue that came up on Friday we're losing a decent amount of time on such things. I guess it's really just an example of how the real world works and I imagine we will all get stuck with legal stuff in the future. Doesn't make it fun though...

In terms of actual team dynamics, I can't think of any problems.

Looks like you have a way different (and more optimistic) take on this week than others have. Do the low percentage completions concern you? --Chelsea

I knew this week had multiple projects due, including malloc, so I didn't expect much to get done this week in total, thus I'm pretty happy stuff happened at all. I remember malloc being massively time consuming, especially when other projects are due around the same time. -Derek

Development Process: Proposals for change--issues addressed and why the change will help.

It looks like legal issues are clearing up, which will be nice, and I'm sure everything will get worked out soon. The current plan is for the beta to start on Skynet on Monday, which should be fun, although we still have some things to sort out. The things that should be simple and easy always turn out to cause such a ruckus...

Peer review: Positive or negative feedback for other class members

Everyone seems to be doing a great job. Congratulations to those who are finished with malloc. Only web proxy left...

Additional Comments

Good milestone sections.
Created at 11/16/2007 11:13 PM  by Derek B. Sessions 
Last modified at 11/19/2007 1:13 PM  by Derek B. Sessions