Today wrapped up the two-day Designer/Developer Workflow Conference here in Kansas City. A big thanks to Dee Sadler for putting it all together and to the awesome speakers. It was very interesting to attend sessions that were not just about programming, but about the workflow we all deal with when it comes to working with our designers and prototyping applications. I also really liked the re-occurrence of topics centered around mobile development. I even found out about a local group call the Mobile Media Club that was founded by one of our speakers, Vince Vaughan. (No, not THAT Vince Vaughn) I was able to meeting some cool people I had heard of before but never seen in person (like John Farrar and Andy Matthews) and some brand new faces I didn't even know existed (like Seb Lee-Delisle, Chris Griffith, and Vince Vaughan) I'm hoping Kansas City will see some more quality training like this in the near future and will draw even more people.

A brief hiatus today from from the PCI Compliance series to issue a quick public service announcement. I was installing my free copy of SeeFusion today that I netted in the recent give-away WebApper had. Since the target machine was CF7 on a OpenSuse Linux with the JVM upgraded to 1.4.2_11, it was a "manual" install. Pretty easy-- copy a few jar files and edit a few configs. The problem was, SeeFusion wasn't able to connect to my debugging port to capture stack traces and I couldn't figure out why.

The next stop on our PCI DSS Compliance tour is disabling weak SSL versions and encryption ciphers. If your site is handling credit card payments, it is undoubtedly using HTTPS for at least the pages that collect payment information. I thought I had already taken care of this item, but I was apparently mistaken. Fortunately, this is pretty easy to fix and if you're on Windows I've even cooked up a quick and easy registry file for you to use.

As a web developer you have your share of demons you have to face. If your company processes credit cards, chances are your yearly PCI DSS compliance scan is one of those demons. I thought I would do a short series on a few security items I tightened down as a result of our last PCI scan. This is by no means a comprehensive list of everything needed to pass a PCI scan. If you want to know that and have time to read a 74 page PDF you can get a copy of the Spec at www.pcisecuritystandards.org.

I jogged down the stairs, one arm over my head, as I pulled my coat on a sleeve at a time. Fishing the car keys out of my pocket with one hand, I leaned over my computer to tap in my E-mail password with the other. "Wow, 41 unread messages in the CF-Talk folder," I thought. "There must be a hot new topic on the list today." With a click I watched the new thread flow in. "Why i fear ColdFusion is on its last legs" "Oh Geez," I sighed, "Please not with this again!" There wasn't time to read all that right then. I'd have to catch up on this one later in the day when my absorption rate was higher.