Better Times and Endless Debates

It appears that business is looking up for many people. As President of the Oklahoma City .NET Developers' Group, I am seeing more requests for job fillings. As I travel doing training, more of the students mention that budgets are moving, projects are starting, and positions need to be filled. Companies are more in tune with their hiring than in the 90s, and any and all candidates should expect a full examination of their experience and skills.

I'm excited for each of you getting new opportunities. I see many COBOL programmers now getting the chance to do OOP. Some are confused by ideas that are similar while others seem extremely different. Take hold of what seems familiar and be open to what is new. Those of us who have been coding in the PC industry for years are still learning more and more about the “preferred” way to code. Don't expect to be a master overnight. Just have fun!

For example, while I was explaining the risks of cross-site scripting threats last week in a security class, one member of the class asked why MS did not just close off the ability to insert <form> script into a textbox directly or into a query string to be received in the Request object. Using this type of scripting along with <script>, <object>, <applet>, etc. gives someone the opportunity to deface a page and possibly lift cookies from an unsuspecting user (hint: beware of "Click here to obtain $1,000,000!").

So shouldn't MS block this from happening? We got into an interesting discussion. I stated that in general and within W3C standards, these are valid statements. It is up to the developer to watch for and protect against invalid user data. I know, this is asking a lot, but it is a different world and developers must be aware of security along with the rest of their designs. The individual still asked what would be a valid reason to insert a <form> string into a query. While I could not think of a good example why, my point was that there might be a reason and it should be allowed to happen if the developer so deems it.
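As an added example (not part of the original post), this C# sketch shows the developer-side handling discussed above: a query-string value containing <form> is accepted, HTML-encoded when written into the page, and a field with a known format is checked against an allow-list pattern. The class name, helper names and sample query string are assumptions made for the illustration; GetValue stands in for reading Request.QueryString.

```csharp
using System;
using System.Net;
using System.Text.RegularExpressions;

static class QueryStringDemo
{
    // Constructed sample input: "name" carries a <form> tag, "zip" is a plain value.
    const string RawQuery =
        "name=%3Cform%20action%3D%22https%3A%2F%2Fexample.invalid%2F%22%3E%3C%2Fform%3E&zip=73102";

    // Hypothetical stand-in for Request.QueryString[key]: returns the decoded value or null.
    static string GetValue(string query, string key)
    {
        foreach (string pair in query.Split('&'))
        {
            string[] parts = pair.Split(new[] { '=' }, 2);
            if (parts.Length == 2 && WebUtility.UrlDecode(parts[0]) == key)
                return WebUtility.UrlDecode(parts[1]);
        }
        return null;
    }

    // Before: the value is concatenated into markup, so the browser parses the <form>.
    static string RenderRaw(string name)
    {
        return "<p>Hello, " + name + "</p>";
    }

    // After: the same value is accepted but HTML-encoded at output, so it displays as text.
    static string RenderEncoded(string name)
    {
        return "<p>Hello, " + WebUtility.HtmlEncode(name) + "</p>";
    }

    // Allow-list check for a field whose format is known: exactly five digits.
    static bool IsValidZip(string zip)
    {
        return zip != null && Regex.IsMatch(zip, @"\A[0-9]{5}\z");
    }

    static void Main()
    {
        string name = GetValue(RawQuery, "name");
        Console.WriteLine("raw:     " + RenderRaw(name));
        Console.WriteLine("encoded: " + RenderEncoded(name));
        Console.WriteLine("zip ok:  " + IsValidZip(GetValue(RawQuery, "zip")));
        Console.WriteLine("zip ok:  " + IsValidZip("<form>"));
    }
}
```

Encoding at the point of output leaves the decision about what input to accept with the developer, while the allow-list check rejects markup outright in fields where it can never be valid.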

Well, Tami Ward, another student coming from the COBOL ranks, brought up an interesting analogy. While controversial, it put an interesting spin on the discussion. The idea comes from the gun rights debate: “Guns do not kill. People kill with guns.” Change it to “Scripts do not hack. Coders hack with scripts.”

Let the debate begin!

Published Wed, Jun 23 2004 22:30 by Keith Nicholson
