Steven Lawrance: Difference between revisions

From Moonlight Design
Line 260: Line 260:
*January 2007 to present
*January 2007 to present
*'''Accomplishments'''
*'''Accomplishments'''
**Built a security testing framework for [http://www.salesforce.com/appexchange/ AppExchange] package security
**Built a security testing framework for a new feature
**Enhanced an internal testing tool's user interface
**Enhanced an internal testing tool's user interface
**Helped resolve customer cases related to using the [http://wiki.apexdevnet.com/index.php/Web_Services_API application programming interface] (API) with TLS and SSL security
**Helped resolve customer cases related to using the [http://wiki.apexdevnet.com/index.php/Web_Services_API application programming interface] (API) with TLS and SSL security
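Review bot: The reworded first Accomplishments bullet removes the AppExchange name and link, yet the "Java application development" list in the same revision still reads "Security test framework for AppExchange packages in Salesforce.com". If the aim is to stop naming the feature, update that bullet as well so the page stays consistent.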

Revision as of 05:59, 2 October 2007

Welcome to the web site of Steven Lawrance, master of software engineering (MSE). I enjoy building complete computing solutions at all levels of abstraction to automate business processes at a low cost, in a short time frame, and with high quality. Put my experience, interests, training, and expertise to work for you. Please feel free to contact me today.

This page and the linked wiki pages are a work in progress, and I am aggressively working on copying the content from my old web site to this wiki and filling in missing content. This notice will go away by 2007-10-07.

Interests

These areas all share a common theme of putting software to work for you, regardless of the underlying technology. For me, computing solutions are not about the technology; they are about what the technology can do for you.

Mozilla Thunderbird and Firefox extension development

Microsoft Windows to Linux computer and network migrations

  • Cost effectiveness assessments
  • Project planning
  • Training
  • Migration execution
  • Profile migrations using Home Profiler
  • Windows application porting to Linux using Wine

Custom software development

  • Data entry and reporting systems
  • Middleware and network software development
  • Desktop client application development
  • Software process metrics, measurements, and analysis

Linux, Apache, MySQL, and PHP (LAMP) solution development

Java application development

  • Development of Java-based web and desktop applications
  • Swing and SWT graphical user interfaces
  • Bosch Security Configuration Assistant
  • Reggie/CIS, including the spell-as-you-type spell checker
  • Security test framework for AppExchange packages in Salesforce.com

Software and network security

  • Security in software development processes
  • Border, network, and local system security
  • Web application security
  • Centralized LDAP authentication
  • Encryption and certificates, including TLS and SSL
  • Novell AppArmor
  • Linux iptables
  • Astaro Secure Linux
  • Cisco PIX and IOS configurations and access control lists (ACLs)

Building and home automation

Linux server configuration and maintenance

  • Planning, installation, and maintenance of Linux servers
  • Configuration and maintenance of standard and enterprise network services
  • Creation of special-purpose FUSE filesystems, such as the read-only filesystem
  • Customized network security, filtering, and routing rules
  • Active and deep knowledge of security technologies, including TLS and SSL

Software Project Experience

Team software

I materially participated in the team software projects listed below:

Name | Description | Technologies | SLOC | Year
Bosch Security Configuration Assistant | An Eclipse-based application that generates three-dimensional security plans for buildings using a rule engine and three-dimensional visualization | Java, Eclipse, UML, Apache Ant, Bugzilla, CruiseControl, MediaWiki, Subversion, SWT, C++, JNI, Win32 | 21,274 | 2005-2006
Reggie/CIS | A large 200-user multi-tenant three-tiered system that was used by all Ryan White Foundation CARE-funded AIDS service organizations in San Francisco in collaboration with the San Francisco Department of Public Health (DPH) AIDS Office and two partners to the San Francisco AIDS Foundation (SFAF), where I worked for about five years. I actively maintained this system with a colleague at the DPH AIDS Office and was principally responsible for maintaining the "CIS" portion of Reggie/CIS, which extended the Reggie platform with extra features that the SFAF and two other organizations used | Java, VBScript, Swing, T-SQL, MS SQL Server, CVS, JavaScript, C, JNI, CORBA, IIS, COM, Win32 | 162,005 | 2000-2005
DonorPerfect Online | Migrated AIDS/LifeCycle data from a Goldmine database to the San Francisco AIDS Foundation's customized DonorPerfect Online system using a test-driven development process for the SQL scripts. I also contributed substantially to the bulk data entry wizard, fixed bugs throughout the system, including security holes, made all pages and JavaScripts operate properly in Mozilla Firefox, and implemented strict URL filtering security using an Apache reverse-proxy and mod_rewrite | VBScript, T-SQL, MS SQL Server, JavaScript, Apache HTTP Server, IIS, CVS | 97,592 | 2004-2005
SFAF CRM | Customer relationship management system that was implemented by a colleague at the San Francisco AIDS Foundation that primarily serves the organization's volunteer based programs department, automates expense reports, and runs the California AIDS Hotline. I enhanced the deployment system using CVS in a web-based front-end, helped my colleague fix various bugs, and enhanced its Internet-facing security with an Apache reverse-proxy and mod_rewrite | VBScript, T-SQL, MS SQL Server, JavaScript, Apache HTTP Server, IIS, CVS | 69,015 | 2001-2005
Salesforce.com | Built a security testing framework for a new feature, enhanced an internal testing tool's user interface, helped resolve customer cases related to using the application programming interface (API) with TLS and SSL security, and ensured that new releases of the core product did not break older API versions | Java, Apache Ant, JUnit, C#, Mono, NUnit | | 2007
Park 'N Park | A fault-tolerant, distributed, real-time three-tiered application for tracking parking garage usage. This was an academic project | Java, CORBA, MySQL, CVS | 2,027 | 2006
Teacher's Pet | Shares a tab in your Mozilla Firefox browser with one or more remote browsers, which can be useful in virtual classroom environments | JavaScript, Java, XUL, XPCOM, Subversion | 1,251 | 2006
Hulk | Physically navigates a maze using a customized Parallax Boe-Bot. This project involved both custom hardware and custom software as well as trade-offs between the two when implementing features | Parallax BASIC Stamp, Parallax Boe-Bot, Subversion | 784 | 2006
URL Lock | Follow-up project to IE URL Lock that sports a configuration user interface and implements new ideas for visually disabling content on the web | JavaScript, XUL, C++, XPCOM, Win32, Subversion | 3,868 | 2006
Ariesbase | During the Summer of 1999, I worked with Ariesnet, Inc. on creating its PHP-based Ariesbase intranet system. I mostly helped out with the back-end functionality, such as the security system and global includes, and I also created a high-level specification for an employee rating system for virtual team environments | PHP, MySQL, JavaScript, CVS | | 1999-2000


Software that I created

I wrote and maintain the following software:

Name | Description | Technologies | SLOC | Year
Thunderforce | An open-source Mozilla Thunderbird extension for Salesforce.com. This project is presently under construction | JavaScript, XPCOM, C++, XUL, Subversion, MediaWiki | 5,411 | 2007
Home Profiler | Synchronizes user profile data between multiple desktop computers, regardless of the operating system. This was used at the San Francisco AIDS Foundation to migrate user profile data from Windows NT to Windows XP while leaving malware and spyware behind | Java, C, JNI, JACOB, COM, Win32, CVS | 5,679 | 2005
IE URL Lock | A browser helper object (BHO) that prevents users from navigating to web sites in Internet Explorer and Windows Explorer while permitting URLs that match a Perl-compatible regular expression stored in the registry | C++, COM, BHO, Win32, Subversion | 1,105 | 2005-2006
Backup system | Multi-platform, SSH-secured, Internet-based incremental backup system that I assembled and use to back up all computers that I manage | | |
Read-only filesystem | FUSE filesystem view that makes all files unconditionally read-only. I use this in my backup system for the web-based file restore interface | | |
Serendipity Time Tracking Tool | A two-tier software team time tracking tool used by Team Serendipity while designing and building the Bosch Security Configuration Assistant. It was rapidly developed using Microsoft Access 2003 as the front-end user interface, MySQL 5 as the back-end database, and SSH as the MySQL connection tunnel | | |
GnuCash to QIF | Converts a GnuCash XML file into a QIF file | | |
PDF Access Reports | Web-based PDF reports using Microsoft Access, a customized PHP build to run as a COM server, and a custom-built COM object for use by ASP on the reporting server. This was a component of Reggie/CIS's reporting system | | |
SFAF VPN Client | Connects a Microsoft Windows 2000 or XP computer to the San Francisco AIDS Foundation's virtual private network (VPN) by using the built-in IPsec and PPTP capabilities in Windows. Each client computer is secured with a machine-unique public/private key, and users are authenticated against the NT domain using PPTP over the IPsec connection | C, Win32, Java, Swing, CVS | 2,623 | 2003-2005
Door Lock | Specification (not an implementation) of a secure residential door real-time, embedded software system that uses electronic locks, secure entry, easy exiting, and alarm state awareness to securely and efficiently manage a door | | |
Swing Inline Spell Checker | Inline spell checker that plugs into Swing's look-and-feel system. This was used in Reggie/CIS as its distributed spell checker with GNU Aspell running on the server | | |
DirList | User directory system that runs as a CGI to serve up user lists, search, and synchronize with the operating system's user database. When used with DirList2ODBC, the ODBC driver that I wrote for DirList2, the entire DirList2 system becomes a SQL-compliant database system within the limits of the DirList2 Server. This project began in January of 1998 (simply "DirList" at that time) and is still updated to this day on occasion. Bryant University continues to use this program for their student web site list | | |
PAM CueCat Module | Turns the CueCat barcode scanner into a pluggable authentication module (PAM) library, permitting logins with bar code scans | | |
Home Control | The project that marked my first significant work towards complete home and office automation systems | | |
ResNet Online | I rewrote the old site for ease of use with more capabilities. Automatic port registration and heavy database integration saved the ResNet program a substantial amount of time while greatly improving customer/student satisfaction. Read the History page for more information | | |
FAT Recover | Manual FAT filesystem recovery tool that I made to help with manual floppy disk recoveries and to salvage my dad's laptop when Windows totally crashed | | |
Bryant PRIDE web site | In the Fall of 1997, when I was a freshman at Bryant, I greatly enhanced Bryant PRIDE's site with several pages and JavaScripts. Over time, the site moved from static HTML to ASP to PHP | | |
ActiveMail | Back when I used to do ASP, I wrote an SMTP / POP3 / FTPAuth object so that I could send mail | | |
CPU ID | A very simple program that returns info on the CPU that it happens to execute on | | |
DirList2ODBC | ODBC 2.0-compliant driver written for the DirList2 Server | | |
Disk Imager | Read, write, verify, and erase entire disks into/from raw image files. Similar to rawrite.exe, but actually works in Windows NT. Actually, Disk Imager only works in Windows NT/2000 due to how it opens the selected disk | | |
EzMIDI32 | A 32-bit version of the ScreenWindow+EasyMIDI libraries that I wrote for Grapevine High School | | |
LPD | Written for GCISD to allow employees to send AS/400 printouts to their local Windows printers. I wrote the piece that translates HP DeskJet 500 compatible instructions into a Windows GDI context, back in the good ol' days when printer manuals documented their control codes | | |
PortProxy | Program I wrote in college so that I could run servers from behind a firewall. When I put Linux on resnet.bryant.edu, I no longer needed this program, but it's still cool if you have Windows NT/2000 or 95/98 | | |
ScreenWindowX | An ActiveX version of ScreenWindow that I created during the ActiveX hype | | |
Trig Grapher | My first multithreaded Win32 program that I wrote in high school for fun | | |
256-Color SDK | Library that I wrote a while ago to easily manage 256-color bitmaps on 256-color displays | | |
AudioCD Pictures | Displays predefined pictures as a playing CD reaches predefined moments | | |
BBS Ads | Simply a program that can advertise bulletin board systems, when they used to be popular | | |
Bids-to-ASP | Converts American Airlines bidsheet files into Procomm Plus for DOS ASPect scripts | | |
CatSetup16 | Install/uninstall utility that I made a while ago so that I could distribute my programs easily | | |
Horses | A fun horse racing game that I made a long time ago | | |
KittyCat! Comm | Communications program with internetworking in mind. This was never finished, but it had some interesting ideas that I later found out existed in TCP/IP | | |
MCI SendString | Allows users to work with the Media Control Interface directly rather than through point-and-clicking | | |
MeowyMIDI | A sound font with cat meows and purrs. Includes several example MIDIs that use it | | |
PCL Page | Manipulate PCL-compliant printers with this nifty utility that works in both Win16 and DOS (the DOS program is linked into the Win16 as its DOS stub) | | |
ScreenWindow | Win16 console and MIDI library that I wrote so that students at Grapevine High School in Computer Science I classes could use MIDI in their music projects using Borland's Turbo Pascal. They now teach C++, and I subsequently made a 32-bit version of the library but this time using Win32's native console rather than my own | | |
SLOS-Win | Windows-based interpreter for SLOS, a crazy operating environment that I made a while ago | | |
AriesType | A typing program that I made while a freshman at Grapevine Junior High School (the 9th grade was in a separate school from the high school. That building is now Cross-Timbers Middle School, and grades 9-12 attend the high schools now) | | |
GlobalXMS | A small XMS memory manager that uses Windows-like memory manipulation functions (the XMS code itself was taken from Paul Chang's open-source XMMLIB.CPP) | | |
IntMap | A small image library that I wrote for a Pascal project in high school to provide blt-like operations in DOS | | |
Jingle Bells | A musical project that I did during the first year of Computer Science in high school | | |
SLOS-DOS | The original implementation of SLOS and the most correct (the Windows version has some problems) | | |
TSNHead | An online service charger that split the costs of using The Sierra Network (TSN) among my brothers and me. Should work with others such as Prodigy, but with today's unlimited access plans, this program is no longer relevant | | |
SLOS Modem | File transfer utility for SLOS and DOS | | |
TrackTrek | A track meet program that "keeps track" of events and allows others to view scores in realtime. This was never finished, but I have the source code available for download if you want to finish it or use bits and pieces | | |
KJMouse | Busy cursor similar to KDE 2.2's cursor for Java | | |


Software and project contributions

I contributed to the following projects:

Name | Description | Technologies | SLOC | Year
Mozilla | Workaround code for a shutdown bug in Firefox (bug 239223) and helped others find the cause of an NTLM authentication crash in a pre-Firefox build | | | 2005
Samba | Patch to allow the use of 32-bit user and group IDs in smbmnt | | | 2004
Pan | Contributed a small multi-threaded bugfix to a function that was crashing on several important dialog boxes in version 0.6.3 | | | 1999
PHP | Contributed the snmpset() function to PHP 3.0.12 and PHP4 Beta2 so that ResNet Online could turn on the ResHall ports when students registered their computers | C, Net-SNMP, CVS | 172 | 1999
Spruce | Contributed several small usability patches and a fix for a thread-based crash that brought down Spruce while checking messages in previous versions | C, GLib threads, GTK+ | 200 | 2000
Bryant University | During the Spring of 1998, I enhanced Bryant's main page with rollovers and images. Other miscellaneous pages were also updated, and the DirList project was started originally as a web directory for Bryant | JavaScript, HTML | | 1998-1999


Lines of code were computed using SLOCCount and, for extensions not supported by SLOCCount, find . -iname \*\\.js -print0 -or -iname \*\\.bs2 -print0 -or -iname \*\\.idl -print0 -or -iname \*\\.asp -print0 -or -iname \*\\.clp -print0 -or -iname \*\\.xul -print0| xargs -0 -Ixxx cat xxx| grep "[a-zA-Z0-9]"|wc -l. SLOC counts that relate to San Francisco AIDS Foundation software that has not been made open-source were computed during my final months of employment; Carnegie Mellon University asked for those numbers as part of the admissions process. Generated code is excluded from the SLOC counts. With generated code, such as the Reggie/CIS code generated from idlj, the SLOC counts balloon substantially.

Employment History

Salesforce.com

  • API Quality Engineer
  • January 2007 to present
  • Accomplishments
    • Built a security testing framework for a new feature
    • Enhanced an internal testing tool's user interface
    • Helped resolve customer cases related to using the application programming interface (API) with TLS and SSL security
    • Ensured that new releases of the core product did not break older API versions

San Francisco AIDS Foundation

  • Database Administrator and Software Engineer
  • September 2000 to July 2005
  • Accomplishments
    • Maintained a large 200-user multi-tenant three-tiered system used by all Ryan White CARE-funded AIDS service organizations in San Francisco in collaboration with the Department of Public Health AIDS Office of San Francisco and two direct partners. That involved all aspects of the software development lifecycle for all parts, including server and client deployments, network maintenance, and top-tier user support
    • Gathered requirements for new features collaboratively with stakeholders, designed those features, coded them, tested them, and deployed them
    • Assisted the other database administrator with the Foundation's customized customer relationship management (CRM) and donor relationship management systems
    • Implemented large parts of the data conversion and customization of the Foundation's purchased donor relationship management system
    • Secured the Internet-facing presence of the donor relationship management system using a locked-down Apache configuration and strict URL regular expression
    • Obviated a need for Crystal Reports by implementing web-based PDF reports using Microsoft Access, a customized PHP build to run as a COM server, and a custom-built COM object for use by ASP on the reporting server, saving a significant amount of money
    • Championed HIPAA compliance
    • Migrated client operating system data during the Windows XP transition using a multi-platform profile migration tool that I wrote
    • Planned and rolled out Firefox as the default web browser to all foundation users
    • Evaluated and purchased software
    • Managed software licenses
    • Maintained the Cisco network equipment, including the PIX firewall access control lists (ACLs) and router virtual local area network (VLAN) ACLs
    • Cut unsolicited commercial email (UCE or SPAM) drastically and added virtual private networking (VPN) using Astaro Secure Linux (ASL) in the demilitarized zone (DMZ) behind the Cisco PIX firewall
    • Administered databases, servers, and the organization's backup system

Ariesnet

  • Intranet Developer
  • May 1999 to August 1999 and May 2000 to July 2000
  • Accomplishments
    • Developed specifications for a statistical employee rating system to help Ariesnet move towards building teams of virtual at-home employees
    • Helped Ariesnet build their secure intranet system using PHP and MySQL
    • Administered the intranet system's Linux server as well as the development test server using the CVS versioning software

Bryant University

  • ResNet Consultant
    • January 1999 to May 2000
    • Accomplishments
      • Shortened residence hall computer registration port activation turnaround times from two weeks to one second with a custom-written Linux-based PHP web site
      • Provided in-person network and computer support to students living in the university's residence halls
  • Internet Developer
    • January 1998 to May 1998 and September 1998 to May 1999
    • Accomplishments
      • Implemented the university’s first web-based faculty and student directory using the common gateway interface (CGI)
      • Wrote an ODBC driver and Microsoft Access database for its administration. This lives on as the DirList2 open-source project

Grapevine-Colleyville Independent School District

  • Student Intern
  • January 1996 to August 1997
  • Accomplishments
    • Provided award-winning hardware and software support
    • Worked with wide-area network configurations
    • Wrote a networked printer driver to save thousands of dollars in licenses by allowing printing from their AS/400s to local printers

Education and Training

Carnegie Mellon University

  • Master of Software Engineering, Institute of Software Research
  • Pittsburgh, Pennsylvania
  • Graduation: December 2006
  • Masters group project: Bosch Security Configuration Assistant, which is an Eclipse-based application that generates three-dimensional security plans for buildings using the Jess rule engine and three-dimensional visualization
  • Project roles: Planning manager, software process manager, project risk manager, technology support manager, and quality manager
  • Focus areas studied: Fault tolerant, distributed, real-time systems; software project management; formal models and analysis of software systems; software architecture; and software requirements elicitation methods
  • Accomplishments
    • As a team, we met and exceeded our client's original picture of success by the end of the project's one-year time frame
    • I reduced the status meeting data collection time to less than 30 minutes through automation and used historical data to reduce our estimation error
    • As the support manager, I kept our RedHat Fedora Core server and software available, secure, usable, and backed up using only one hour per week of my time on average throughout the project
  • Quality point average: Graduated with 4.03 out of 4.00, which is a weighted grade point average (GPA), due to earning several A+ grades

Bryant University

Certification