Never trust data, no matter what the source is

XSS in the zone boerland.com
Drupal is increasingly becoming a backend CMS: editors can easily manage their content while, for example, AngularJS delivers it. Or it serves as a backend hub combining content from multiple sources, databases and systems.

Drupal evolved towards this from a blog-like system 10 years ago: a content type with user-generated comments below. Back then everybody knew that you should filter User Generated Content (UGC) and strip the HTML if you cared about the site. Many other systems, however, still do not filter UGC well enough today: user signups, search input and the many other ways a user can give input to the system.

Now that Drupal is talking to other systems and combining data from multiple sources, devs still need to understand that one should ***never*** trust input data, no matter if the source is another database or a user.

Because, what could possibly go wrong with just displaying this data directly or injecting it into the database? Why should you "checkplain" the TXT fields in the zone of a domain? Why?
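The TXT-record case above, as an added example (not code from the original post or from Drupal itself): the same zone data rendered into an HTML table once without and once with output escaping. The helper `escape_plain()`, the two render functions and the `example.org` records are assumptions made for illustration; the helper applies the same `htmlspecialchars()` call that Drupal 7's `check_plain()` uses.

```php
<?php
// Added example. Constructed sample shaped like dns_get_record($domain, DNS_TXT)
// output; no DNS lookup is made and example.org and all values are made up.
$records = [
    ['host' => 'example.org', 'type' => 'TXT', 'ttl' => 300,
     'txt'  => 'v=spf1 include:_spf.example.org ~all'],
    ['host' => 'example.org', 'type' => 'TXT', 'ttl' => 300,
     'txt'  => '<script>alert("from the zone")</script>'],
    ['host' => 'example.org', 'type' => 'TXT', 'ttl' => 300,
     'txt'  => 'note" onmouseover="alert(1)'],
];

// Hypothetical helper: the same escaping Drupal 7's check_plain() applies.
function escape_plain(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

// Unsafe: the zone owner's text is concatenated into the page as markup.
function render_unsafe(array $records): string
{
    $rows = '';
    foreach ($records as $r) {
        $rows .= '<tr><td>' . $r['host'] . '</td><td title="' . $r['txt'] . '">'
               . $r['txt'] . "</td></tr>\n";
    }
    return "<table>\n{$rows}</table>\n";
}

// Safe: every field that came from DNS is escaped at output time, for both
// the element body and the quoted attribute.
function render_safe(array $records): string
{
    $rows = '';
    foreach ($records as $r) {
        $host = escape_plain((string) $r['host']);
        $txt  = escape_plain((string) $r['txt']);
        $rows .= "<tr><td>{$host}</td><td title=\"{$txt}\">{$txt}</td></tr>\n";
    }
    return "<table>\n{$rows}</table>\n";
}

$unsafe = render_unsafe($records);
$safe   = render_safe($records);
var_dump(strpos($unsafe, '<script>') !== false); // raw tag present in unsafe output?
var_dump(strpos($safe, '<script>') !== false);   // raw tag present in safe output?
echo $safe;
```

The escaping happens where the value is written into HTML, so it holds no matter which system the record came from or how it was stored in between.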

Corporate Social Responsibility and using Open Source

A star in a network
It may differ per country and continent, but for most of the regions I know of, Corporate Social Responsibility (CSR) has become a standard within corporations as a way of buying, selling and producing goods and services. We all know that resources are scarce and hence should be put to the best possible use and, more importantly, reused when possible.

By reusing resources to produce new goods or services, we make optimal use of what is there. This is no longer a "left" or "green" political statement but is being executed by all parties in the political and economic arena, simply because it is in the interest of the person doing so as well as all other persons. It makes economic sense to reuse resources and to be good for persons, the community and the environment, even if it were just because of the tragedy of the commons or from a prisoner’s dilemma point of view. For those interested in how doing good or bad impacts the group, this academic PDF might be a good start. If you master Dutch, this TED-quality keynote by my friend Yoast during a DrupalJam conference, on Vimeo, is truly something to watch.

Garden city of to-morrow

So it is my opinion that CSR has moved beyond empty platitudes and has truly become part of the genes of people and companies. Many people think that CSR started as corporate philanthropy, a way for the rich to donate to the poor. I don't think this is true: in every revolution, there have been powers to do good for the environment, the people and the community. For example, during the Industrial Revolution there was a very strong new socialism trend of taking care of the housing, communities and villages of the workers, "The garden cities of to-morrow". Not because "the Rich" wanted to do good per se ("philanthropy"), but because it made sense economically: less death and disease (less risk) and a richer and happier workforce (and new business models around this growth).

Urban gardening

Most of the definitions I have seen of CSR have in common that it is an integral vision of sustainable business, with social responsibility in business decisions to balance the social and economic impact of the decision. That by itself is an excellent definition and one that will be supported by anyone who has been doing business. The implementation most see, however, is to have a policy on carbon footprint in a company or to only buy agricultural products that are produced in a sustainable way, without pesticides. All fine.

But it seems that there is a very easy way to implement CSR: by using a product that is produced to be reused, made with the knowledge of thousands and with the world as its target audience. A product that is not wasting a single second of the future and not wasting a drop of the past. Indeed, I am talking about using open source software (OSS)!
OSS is by definition made with CSR in mind: it is produced by different people all over the globe to be reused by you, and your knowledge will be direct input for making the product better and for iterating on its development and implementation.

And hence, a company that is using open source has a sustainable competitive advantage by using a valuable, rare resource in the most optimal form. Therefore I dare any company that is using software to produce goods to take the use of open source software into account and into its Corporate Social Responsibility policy. For by using open source software, we can truly make a better world by using more knowledge and fewer resources.

A very healthy situation for any company.


PS: if you want more information on this vision, do visit the 12 Best Practices from Wunderkraut session at DrupalCon Amsterdam. Or visit Wunderkraut at booth number 1 in the sponsor lounge, right by the coffee! We are part of the community that uses and makes open source software. With passion.

Bert Boerland and the Ice Bucket Challenge

What does it feel like to be the very last Dutch person to be nominated for the ice bucket challenge? See it in this video

Bottom line: I am donating to Aaron Winborn (fund), a #drupal friend who suffers from ALS. And I nominate Pope Francis, Prime Minister Mark Rutte and King Willem Alexander.

Father and Daughter, animated film

Vader en Dochter (Father and Daughter) is originally an animated film by Michael Dudok de Wit from 2000. The film received a large number of awards, including the Oscar for best animated film in 2001. In 2007 the film was given a place in the canon of Dutch film. The film has remarkable sound effects.

As a dad who has been humming "op een mooie pinksterdag" for 10 years whenever I am out walking with my daughter (and dear son): wonderful!

Kinect transcreens

I love the use of the Kinect with this transcreen