Dear PHP-FIG,

Please stop trying to solve generic problems. Solve the 50% problem, not the 99% problem.

Signed,

Anthony

PS:

…

There is a lesson that I was taught many years ago that I think everybody who contributes to Open Source projects should learn. Back when I was a volunteer firefighter, I had a rather interesting conversation with one of our ex-chiefs. Let’s teleport back to when I was 21 years old.

There’s been a lot of buzz in the community lately around PHP and its future. The vast majority of this buzz has been distinctly positive, which is awesome to hear. There’s been a lot of talk about PHP6 and what that might look like. There’s been a lot of questions around HHVM and its role in the future of the language and community. Well, let me share with you some of my thoughts in this space…

This is a post that I didn’t want to write. Actually, it’s a post that I still don’t want to write. But I find myself in a situation where I feel that I have to say something. So I’m going to just open up here. I’m going to put it all out on the table, and see what happens from there.

Yesterday I was asked a rather interesting question about presenting technical presentations. While I don’t think my method will work for everyone, I feel it’s a good thing to talk about. So here’s my method, and some advice that I would give first time presenters:

Last week at the BlackHat security conference, a new attack on SSL secured content was unveiled. This attack is called BREACH, and has been generating a lot of buz on the internet. Tech blogs have been plastering their sites with articles about how there’s no fix, and how you can try to defend against BREACH. Well respected security people have been writing about it.

And I’m here to say don’t worry about it.

For the past several months I have been struggling to figure out what I want the next step in my career to be. I am still trying to figure the details out, but I had an important revelation last night. I want to share that revelation with you.

Yes, you read that right. If your project aims to provide backwards compatibility as a primary goal, you’re a sucker. Tons of popular software projects from PHP to Microsoft Windows have stated goals of providing Backwards Compatibility between releases. And yes, I am here to say that they are doing it wrong.

This past Thursday evening I picked up my Explorer edition of Google Glass. I was lucky enough to have my #ifihadglass tweet chosen to receive the chance to pay an arm and a leg to get them. Needless to say, I did choose to pony up the cash, and on Thursday evening I walked home with my brand new piece of technology dangling off of my right temple. Since first impressions are often strong, but can be misleading, I chose to wait until I had used them for a few days before writing my thoughts. So here they are:

In the April issue of the PHPArch magazine (also published on her blog), Elizabeth Tucker Long wrote a really interesting editorial piece coining a concept she called Security-Driven-Development. She (quite correctly) identified a problem in the current development community where security has become an after-thought (if it’s thought of at all). This isn’t a new concept, in fact it’s a concept that I and many others have been preaching for quite a while now. However I’ve been coming to realize that I’ve had it wrong the whole time. And I think the entire industry is getting it wrong today.