This last weekend I attended SunshinePHP in Miami Florida !

In the photo below you see Rasmus Lerdorf - which made it a hat trick for me, seeing the three people that I consider to be the fathers of modern PHP all in the same week !

Home of the best things about being a PHP developer is the community and SunshinePHP was great for me because I got to see a collection of PHP friends that hadn’t seen for a while.

In addition to Rasmus’s keynote…..

• Cal Evans gave a motivating oratory on the successful community.
• Keith Casey gave a great closing address on “Thinking Outside the Box”
• Davey Shafik was there representing @EngineYard
• Beth Tucker Long did a great talk on continuous integration for PHP develoeprs
• Sebastian Bergmann taught me about PHPUnit for Unit Testing PHP apps.
• I got to visit with my old pal Mark Brown from Microsoft
• I met Luke Stokes, co-founder of FoxyCart
• I met Matthew Turland who I’ve followed on twitter !
• I got to meet Corey Fowler – who I’ve been friends with on twitter for years but never met in person !! (And who now works at Microsoft)
• I met (and missed lunch with) Alan Seiden – PHP IBMi Guru!

What an awesome 2 days…..

If you’re not attending PHP Community events, you’re missing out !

My second week at Zend was spent in Las Vegas at the Zend annual kickoff.

In my career I’ve had the great fortune to work for and with many pioneers in the software development world.

Many years ago I help the position of Assistant Director of Technical Services for JPI TopSpeed and worked for Niels Jensen, the co-founder of Borland.

At Microsoft I got to spend a number of years working for Scott Guthrie (co-inventor of ASP.NET) and interacting with Anders Hejlsberg (the guy behind Turbo Pascal, Delphi and C#).

At Mozilla I worked in the realm of Mitchel Baker (Open Source pioneer and Mozilla Founder) and Brendan Eich (creator of JavaScript).

I kept with that theme in my decision to join Zend Technologies and now I have the privilege of working with Andi Gutmans  and Zeev Suraski (co-founder’s of Zend Technologies and co-developers of PHP3, based on Rasmus Lerdorf ’s origination PHP creation.)

Last week in Las Vegas, Andi outlined the business success and future of Zend as a company.

Zend’s Zeev Suraski and Guy Harpaz

Zeev Suraski (Zend CTO) and Guy Harpaz (PM for Zend Studio) were on hand to show us the awesome new versions of Zend Server and Zend Studio.

Stay tuned as I’ll be focusing a lot on the “professional” platform and IDE for enterprise PHP development in the coming weeks.

In addition to those folks, more of Zend’s executive leadership was on hand.

Zend CMO Elaine Lennox & VP of Worldwide Field Operations Siddhartha Agarwal (pictured above) were present as well.

Though I must admit that when the heads of  marketing and sales put their heads together and look like they are having that much fun – it can only mean trouble for the rest of us !

We spent three PACKED days learning about the new products, services and strategies.

But we still managed to have some fun.

Who say’s executives don’t know how to party !

Of special note is this photo of Mike Pavlak, Zend Solutions Consultant and PHP on IBMi specialist !

Mike promised to only have ONE beer on our night out on the town !

I’m thinking I’m going to have an awesome year !

I’ll be attending SunshinePHP Feb 8 & 9 !

If you’ll be there, find me and say HI !

The PHP I: Foundations course is designed to provide non-programmers with a solid foundation in the PHP language. This course guides you through the basics of PHP with an experiential approach, filled with numerous examples and hands-on exercises, including substantial practice in coding a functional application. All of the exercises are designed to reinforce key learning.

Visit the Zend Store for details and a Coupon Code

So here is my first question for my readers.

Shoudl I retire MisfitGeek.com and start a new blog?

I’ve blogged at MisfitGeek.com for a decade and I created the MisfitGeek persona becuase Microsoft (where I worked at the time) wasn’t known for straight talking technical folks who would give developers the best advice even if the best answers we’re made by Microsoft.
MisfitGeek was intentionally irreverent and intended to speak to a rogue audience.

Years ago I secured the domain name SoftStrategy.com which I always thought would be a great blog identity. I choose not to use my name (JoeStagner.com) because I prefer to keep my personal (social / political) writing and my technical writing separate.

Since I’ll be blogging about HTML5, Android, iOS, Linux, DataBase, WIndows, general software development, and patterns and practices – in addition to PHP, Zend Server and Zend Studio – it’s seems like SoftStrategy.com would be a good choice.

I would keep MisfitGeek.com on line for archive use and also continue to tweet as @MisfitGeek and I would swap my feedburner links so no change to your readers would be necessary.

So you tell me ………..

1) Make the switch and start fresh at SoftStrategy.com

2.) Keep MisfitGeek.com

I was first introduced to PHP in 1998 as I had begun looking for an alternative to Microsoft’s Classic ASP and Netscape LiveWire which my consulting company was using extensively at the the time.  It was only a few years later after I had joined the Developer Tools & Platforms initiative at Microsoft that I got a call from Brian Goldfarb, who was then also at Microsoft working in the Developer Marketing group. Brian knew that I had done some PHP work prior to joining Microsoft and he was preparing for an executive briefing on “this open source web development technology” that Microsoft was worried about competing against.

For a few years I was the PHP competitive specialist at Microsoft but after a couple of years Microsoft’s PHP strategy started to evolve and the Windows division, along with the IIS team came to believe a better approach was to embrace PHP and work to make it run well on Windows. I spent six more years working with PHP on Windows. At that time, PHP worked on Windows but lacked the performance and stability needed by mission critical production applications.

I met Andi Gutmans (the co-founder of Zend Technologies) as Microsoft contacted Zend to solicit their help with improving the PHP experience on Windows. Around the same time I met Zeev Suraski (the other co-founder at Zend) at a PHP Developer’s event that we were both speaking at.

Over the years Andi and I continued to cross paths and, since Zend’s USA headquarters is in Cupertino CA, and Mozilla’s is in Mountain View, last year I was able to stop by and see the things Zend has been working on. I was amazed.

Andi introduced me to Elaine Lennox, Zend’s CMO. Conversations ensued, the timing is right and so, today I join Zend as Director of Developer Strategy.

What does that mean, exactly. Well, I’m not sure I know, (it’s my first day) but i have a few high level goals that I’ll be focusing on.

• Helping Zend take a more active role in the PHP community as a whole.
• Helping Enterprise PHP Developers, including over 40,000 Zend customers successfully build and manage world class applications.
• Helping the Zend engineering teams understand PHP developer’s needs to that they can build the best possible professional PHP development products.

Ok, but what does that translate to in terms of action ?

Well, it;s only 8:00am on my first day but I plan to ….

• Build a team of community rock stars
• Build tons of great content for PHP developers
• Build content that helps developers get the most from Zend Server (including the free version) and Zend Studio
• Drive adoption of Zend Server FREE Edition
• Grow DevZone
• More, more, more…….

I’ve always been enthusiastic about PHP as a language. If you consider the trends toward mobile applications and cloud based computing, PHP presents an even more attractive choice for developers that in the “classic” era of dynamic web applications.

I’m incredibly excited. This feels not just like a great job, but a great opportunity to do exciting and significant things. I’ve spent the last 12 years of my life doing technical community building with a product influence focus, I excited about being able to immerse myself in the PHP community

So I invite you. Use the contact form here on my blog and tell me as a PHP developer or Zend Server / Studio user, what would YOU DO !

Friday was my last day as a Mozilla employee.

I joined Mozilla almost 16 months ago after spending a decade at Microsoft. I wanted to move into the open source world and no organization represents open source as plainly as Mozilla, the non-profit foundation that brings us Firefox.

Mozilla is filled with wonderful people. I’ll miss many of them but one cool thing about working at Mozilla, and leaving, is that you don’t have to stop being “a Mozillian”.

I joined Mozilla to evangelise the open web. On my first day at Mozilla there were 165 full time employees. Today there are something like 750. Growth that rapid often results in turmoil and Mozilla is experiencing it’s fair share. More importantly to me is that the developer engagement team has shifted it’s focus to primarily drive developer adoption of FirefoxOS.

Don’t get me wrong, FirefoxOS is very cool and it truly amazes me what a relatively small number of engineers have been able to accomplish so far.

To begin with, I’ve discovered that I’m not really the right personality for a non-profit. Every conversation I had with my management left me reminded that I didn’t really fit in.

I wanted to fit in, but my real reason for leaving is that, while I’ve been able to do technically interesting work at Mozilla, the best part of being a technical advisor is being able to help businesses and professionals succeed.

Focusing on FirefoxOS may someday provide that opportunity to Mozilla’s developer evangelists, but not until after it releases, after cell carriers adopt it, after it is released all over the global market and then only if it can successfully compete against Apple, Android, Microsoft and other new players like Ubuntu to succeed where other players (like WebOS) have failed.

I think FirefoxOS has a chance and I wish them well, but at this stage of my career, and given my prior career experiences, I find greater satisfaction in working with larger and more commercial (existing) audiences.

I plan to stay involved with FirefoxOS and especially the Mozilla HTML5 apps initiative, but for full time employment, I’m off to find a better fit.

I made this decision not knowing exactly what I’ll do next.

I know I plan to work on a team, rather than in a group, and that I want role where I can help my company succeed while helping my customer do amazing things !

Stay tuned – I expect to blog in a week or so about my decision !

When you’ve been using computers as long as I have change doesn’t always come easy. But, at Mozilla we have a saying that “The Web IS the Platform”. I’ve spent a LOT of time over the past year researching how much one can actually do using only “Web Technology”.

In case you’ve been under a rock for the last couple of years there is an ongoing debate (meaning argument) about HTML5 versus “Native”.  The more I experiment with HTML and the associated technologies, the fewer use-cases I find that truly require native platform technologies.

In May of 2011 a co-worker came back from Google I-O with a “Chromebook”. He described it as a net-book that only ran the Chrome browser. As a Microsoft employee I was a good corporate citizen and ran Internet Explorer as my primary browser. (Though I used Firefox for development work). IE doesn’t really have an extensibility model (and no, I don’t consider ActiveX a viable extensibility model) so I hadn’t really come to think of the browser as a container for application type functionality.

Spending the last 14 months embracing Firefox (and by association, Google Chrome) I’ve learned to be comfortable doing things in the browser  that I historically felt the need to do with a native Windows app. So, thinking from the perspective of Mozilla’s “The Web IS the Platform” and seeing the amazing progress we’ve made with FirefoxOS (an HTML5 Operating System for Phones) it makes sense that my “second look” at Chromebooks might leave me a bit more open minded about the potential.

Then it happened a couple of weeks ago. I stopped in to my local Best Buy store to upgrade my phone and they had an end-cap display of Chromebooks. They had two models on featured.

• Samsung 11.6″ Series 3 Chromebook
• Acer 11.6″ C7 Chromebook

The Samsung ($249) had more elegant, Airbook-eske lines but they had the same size screens and RAM and they both booted in the same 20 seconds. However, the Samsung ($249) had only a 16 gigabyte SSD whereas the Acer ($199) had a 320 Gb hard drive. Since the both booted at the same pace I opted for the cheaper Acer with 20 times the storage.

The plan was to see how much real work that I could to without having to revert to a “full” laptop. I have to say the the experience has been FAR better than I expected it to be. To begin with, I’m getting almost 5 hours of battery life which is 20% more than the manufacturer’s estimates.

The file manager takes a but of getting used to but once I did I was able to organize my files and easily move them between local storage on the hard drive and my Google Drive. One of the cool things about this is that I’ve been able to copy ripped movies t the Chromebook hard drive for in-flight viewing. They play just fine.

I plugged in a Microsoft wireless desktop (Mouse and Keyboard) and they “just worked”.

I found a plethora of apps to meet most of my daily needs.

Between Google Apps, Zoho, and Evernote I have most of my basic needs fulfilled. I also found a collection of other useful apps.  A couple of ToDo list managers, source code editors with built in FTP support, a web based irc client, basic image editors, etc.

I wrote the blog post, cropped the image, and posted all on the Chromebook.

So, what can I NOT do.

Well, I can’t run Zend Studio or other IDE / Editors of choice. I can’t to rich Video, Audio or Image editing (though I can do simple stuff), I haven’t found a batch FTP program yet. The list is pretty small.

There are also little annoyances like the inability to rearrange the order of the icons in the application launcher (which seem to be on the bill for the next ChromeOS update.)

VGA and HDMI support. Wired or Wireless network access. 3 USB ports with drive and device support. 320 Gig hard drive. All for $199.

It may not ever be my ONLY computer, but I probably could have gotten though high school and college with it and it’s almost instant on makes it a great personal data assistant !

The last week of the year is always a quiet one. Most people take holiday but most years I prefer to use the relative quiet time to catch up, reflect on the last year and think about what I want to accomplish in the year to come.

2012 has been a great, stressful, fun, frustrating educational year. Having started at Mozilla in late 2011 after spending 10 years at Microsoft, Mozilla has been an adjustment. Mozilla has nearly doubled it’s employee compliment since I started. The ethos of the organization has morphed from a primary focus on the browser to building FirefoxOS, an HTML5 phone operating system and the accompanying apps platform and marketplace.

I did a lot of coaching, business, strategy stuff this year and not as much technical work as I normally have done in my developer community work.

Though I don’t make “New Year’s Resolutions” I do have a to-do list of work items that I want to focus on this year.

• Start doing How-Do-I videos again. (HTML5 & PHP) 
• Blog at least once a week.
• Start sharing all my code on GitHib.
• Conference Talks (I only did a few this year).
• Contribute to at least one Open Source Project
• Embrace the Cloud (starting with moving my blog to a could host).
• Renew my interest in iOS and write my first native  iOS app.
• Organize my social media presence (separate my work and my personal identities)

Technically over the last year I focused almost exclusively on the client which is funny because I’ve always been a “server side” guy. In 2013 I plan to divide my focus between client technologies and the server interaction patterns that make for great app experiences.

First up – a two day camp on migrating apps to FIrefoxOS.

What do you plan to focus on differently in 2013?

Is intellectual property protection a myth?

In a word, yes, sort of, at least in a technically acruate sense.

Last week I had a conversation with a developer who told be that his company would never develop an HTML5 app because his intellectual property was far too valuable to share with anyone who wanted it.

Of course, upon further discussion, like most of the developers that have said this to me over the years, what he was really concerned with is software piracy, but lets talk about the former first.

Developers, like the one I was talking to above, insist that their distributed applications be compiled so that their source code is “secured”.

Ok, 1999 called to say it misses you !

I was working at Microsoft when we released the beta versions of .NET. Included in the SDK was a decompiler. Developers around the world went nuts because all their source code would be stolen !

The truth of the matter is that source code is retrievable from compiled applications on all popular computing platforms. Just a bit of crafty googling will find you de-compilers for C#, Java, Visual Basic, C/C++ and a plethora of other languages.

These will turn your executable binaries into source code. Which tool you use would depend on the type of file you are decompiling which can be determined by headers in the files themselves.

The common response is that the code is not the same as the original source code, and that is true, it may be harder to read (or it may be easier) but either way the “intellectual property” would be exposed.

And there are other ways to get source code for an app too.

You will also find disassemblers that turn an executable binary file into assembly code. They basically convert the executable machine instructions into platform specific Assembly code instructions. If assembly code is not your thing you could them run a source translator to convert the Assembly into another language like “C”.

Of course this still doesn’t deliver the exact source code written by the developer. The resulting source code may not even be recompilable without modification, but again, the “Intellectual Property” has been retrieved.

There are very clever tools like the Holodeck Debugger that allow a skilled hacker type to view in real time what instructions are being executed by the operating system. (Holodeck is an AMAZING tool for good guy developers too !)

It’s possible to implement an encrypted operating system (file system, memory, runtime, ect.) that could decrypt programs in isolation for execution, but characteristics of such an operating system would make it unsuitable for general consumer use.

So, when we talk about intellectual property protection in our applications it’s important to understand that what we are really talking about is just increasing the difficulty level involved in stealing our code or using it in meaningful ways that oppose our desires.

.NET and Java developers who felt the need solved this problem by using pre-compilation obfuscators. The obfuscation process converted the source code to a product that, while syntactically valid, made no sense to the human viewer.

When decompiled the hacker has access to only the OBFUSCATED source code. The intellectual property was still in there, but for all intents and purposes, still secret. The process of reverse engineering code delivered after this obfuscation / compilation was too time consuming to be of interest. This makes the intellectual property secret in a practical sense, it not a purely technical one. Some obfuscators even produces source code that would feail recompilation attempts.

Likewise, people have been securing the logic and the content of the web for a long time. Obfuscators exist for HTML, CSS, and JavaScript. If you’re a web developer you have certainly cracked open a page or a downloaded a JavaScript file and seen huge strings of hex digits. Those were probably a method of obfuscation.

For example, the following simple JavaScript program:

var a="Hello World!";
function MsgBox(msg)
{
    alert(msg+"\n"+a);
}
MsgBox("OK");

When obfuscated becomes this.

var _0xf979=["\x48\x65\x6C\x6C\x6F\x20\x57\x6F\x72\x6C\x64\x21","\x0A",
"\x4F\x4B"];var a=_0xf979[0];function MsgBox(_0xa221x3)
{alert(_0xa221x3+_0xf979[1]+a);} ;
MsgBox(_0xf979[2]);

Using the application will expose what it does but viewing the source code does dot expose HOW it does it.

There are really two things that people are interested in defending against. One is people using their software for free, the other is people stealing their source code which is to say the algorithms that are specific to their applications.

If you’re build an app using web standards (HTML5/JavaScript/CSS) you need to decide how much “protection” is enough to satisfy your concerns.

Of course the most secure method is to keep the parts of your logic that need to be secret on the server. You can modify your application’s architecture so that some functionality is only available when an internet connection is present.

You can use obfuscated client side assets to confuse prying eyes from easily hacking the APIs. Of course, if an even higher level of security is necessary, you can further restrict access to the APIs by using SSL and a per request token based authentication mechanism.

Similarly, once you have done the above you can use similar methods to assure that the user of your app is authorized to use it by periodically requiring an authentication handshake. (Mozilla apps will provide an API to help the developer do exactly this using Persona and the MozApps receipt system.

Many organizations have discovered that these concerns are never realized when their apps become public but above are a few ideas that you can use to make stealing your code more difficult. Remember, there is no such thing an an app that can’t be reverse engineered. But you can make them work for it !