Notes from Thursday at Jazoon

Here are my notes from the Thursday at
jazoon.com

==============================================================================
Thursday June 25, 2009

------------------------------------------------------------------------------
OAuth - the missing manual
Paul Sevinç – Doodle AG
David Gubler – Doodle AG

Problem
- A service provider A
- A third party B
- User have to disclose passwords to the 3rd party B
  to take advantage of service A

Solution
- oauth.net/core/1.0
- oauth.net/code - implementations for C#, Java, JavaScript, ...

OAuth does have security problems
- Phishing attacks
- Session fixation attacks

Doodle
- Group scheduling

------------------------------------------------------------------------------
Wuala Webstart: Launching a Java Application directly from a Website
Luzius Meisser – Caleido AG / Wuala

www.wuala.com (online file storage service)
luzius@wuala.com
wuala.com/Luzius

sourceforge.net/projects/wualawebstart

Motivation
- Rich desktop application (online file storage)
- Users should be able to run Wuala anywhere
- Minimize effort to get running (no install, few clicks, quick)
- bridge web and desktop

Possibilities
- Web App - did not offer client side encryption
- Installer - loss of context, admin rights, many clicks
- Portable app - loss of context when switching form web to app
- Java Web Start - not often handled by browser, can't use SWT on OS X

Implementation
- Trusted applet is loaded
- applet copies a loader.jar in to tmp and runs it.
  RCP exists as an own process, surviving closing the browser
- If instance already running, the loader connects to it (TCP)
- If not, the app is opened

Protocol
- secure connection
- C: I want to start latest, my local version is 313
- S: Latest is 317 ...
- ...

Agility
- Can deliver updates much faster than classical desktop.

------------------------------------------------------------------------------
Web 2.0 @ NASA
Linda Cureton – NASA
Chief Information Officer, Goddard Space Flight Center

Safely return space shuttle to flight
Complete space station by 2010
robotic exploration of mars
replacement for shuttle

10 centers
budget 16.7B
employees 18,600
contractors 43,600

Goddard manages around 80 flight projects

where did we come form?
where are we going?
are we alone?

blogs.nasa.gov
twitter: LRO, GLAST, IBEX, DMV, HST, SDO
Virtual worlds:
  The generation that will go to Mars or back to moon are in daycare now
Podcasts: Hubblecast, NASA Goddad Shorts, GLAST, ...
Facebook: ...

Benefits of social media
- build teams, strengthen networks, collaboration, sharing
- facilities: communication, engagement, transparency, trust
- collective intelligence
- Spacebook (internal)

Impact
- Control in hands of users, not CIO or web master
- Breaks communication hierarchy

Lessons
- Focus on what users need
- Share what you are struggling with - you may get help

Next steps
- Measure value

-----------------------------------------------------------------------------
Closing Session
Christian Frei – Keynode

1080 attendees (20% more than last year)