There are lots of things I enjoy, and many of them center around technology and my community. Below you can find some of the things I'm interested in.
Computer security is one of my favorite areas, both because of the interesting challenges it poses and because of the importance of writing software that protects users' integrity and privacy.
In my view, the most important parts of designing secure systems are carefully selecting components based on their design and track record, taking great care to avoid security problems in new software you're developing, and providing multiple layers of security ("security in depth") so that a single failure isn't catastrophic. Security software can also play a role, by adding another layer of security or filling in a gap in an insecure part of the system.
One of my favorite projects was creating ucspi-tls to add TLS support to qmail's SMTP and POP servers. It uses all of these approaches: it is built on top of qmail and sslserver, both of which have a very good security record; it is written carefully to avoid introducing new bugs into these systems; and it runs the SSL processing in a separate low-privilege process so that vulnerability to any flaws in that subsystem is limited.
We also took security and privacy very seriously in the Whereabouts location awareness project. We created a rule-based privacy system that allows a user to control who has access to their sensitive location information under what circumstances, including rules based on time and location. Especially as systems gather more information about us automatically, it is important that mechanisms are in place to make sure users have control over their own privacy.
On a project with Allied Media, we designed a secure system for managing medical data about HIV patients for SEMHA. We created a private certificate authority, and issued client certificates to all of our users, which were used along with a password as part of a two-factor authentication system. We used SELinux to limit the capabilities available to any one process, so that a security flaw in one part of the system couldn't spread to any others. The data lived on another server in a different part of the network, protected by the individual users' passwords.
Recently, we solved a horrible spam problem at the Genesee Free-Net with Untangle, which is a fantastic piece of software for providing first-line defense against spam, viruses, and attacks on Web sites.
Since I first began working with the Internet in college, I have been fascinated by how simple it can be to send a bit of information from one side of the world to the other, and how much complexity is hidden beneath that. Working at an Internet Service Provider in the 90s, I designed networks which efficiently routed data between our several remote data centers and our multiple connections to the Internet. I saw first-hand the difference an effective design makes, and working through the various challenges we encountered increased my appreciation for how robust the Internet Protocol is.
Since our ISP was absorbed by Earthlink, I have mostly been involved in the higher layers of networking, providing services like DNS, SMTP email, and Web services. The skills I learned while operating a network have been very helpful with this, since an understanding of what's going on at the lower levels of the network is crucial for troubleshooting.
As I've been working on mobile networking applications the last few years, I've found this especially useful. Problems can crop up on the mobile device, the carrier network, or the Internet, and figuring out the source of unexpected behavior requires thinking about the different components of a network connection and how they all fit together.
Creating scalable systems is a fun challenge. It is very satisfying to dig into a system, figure out where the bottlenecks are, and open them up to get better performance. With modern systems adding more CPUs, effective use of concurrency is necessary to get good scalability.
When I was running mail servers, we used a cluster of machines behind a load balancer to give good performance to all of our 600,000 users. As we brought more users on, we were able to simply add more machines to our cluster to accommodate them. We also carefully tuned our mail software to minimize the amount of hardware we had to purchase.
At the Whereabouts Project, I created a scalable system for handling location information. Written in Java, it used lock-free data structures from the Java concurrency classes to process large amounts of data with minimal contention, allowing our system to scale well to multi-CPU systems.
At Locomatix, our server software is designed to support a large number of users on minimal hardware. It uses Boost asio to manage high-performance I/O and thread pools, and lock-free data structures from Intel Threading Building Blocks to effectively share data between threads.
Several of my recent projects have involved Drupal, a high-quality content management system which makes it easy to get Web sites off the ground and add powerful features quickly. I frequently contribute patches to various Drupal projects; see recent posts from scottgifford on drupal.org to see what I've been up to.
The speed of development has allowed me to quickly bring up rich Web sites for projects like Locomatix Aura, and nonprofits, including the Consortium on Child Abuse and Neglect, where my wife is executive director. At the Genesee Free-Net, we are working on extending this to other nonprofits and community organizations.
Drupal has also developed my interest in PHP, which is quite a scrappy little language. Recent developments like Wietse Venema's Taint support for PHP and Suhosin give me hope that PHP will make real strides on its security problems in the next few years.
I've done several projects on Windows Mobile using the .NET Compact Framework, Microsoft's framework for writing mobile applications. At Locomatix, I've been developing a mobile client for our My Aura application, which includes location sensing and instant notifications. At the Whereabouts Project, I maintained a student-developed tour guide application, which we used to give tours of our computer science building to visitors.
.NET is a very powerful framework, and the Compact Framework is a nice way to develop for a mobile device. I've really enjoyed the challenges of working on a resource-constrained platform, dealing with sporadic network connectivity, and solving user interface problems on such a small device.
Perl is probably my favorite language to work with. Its excellent security track record and its powerful taint mode make it my first choice for any project where I care about security, and I generally care a lot about security.
I have contributed several modules to CPAN, Perl's gigantic open source code archive. My CPAN handle is GIFF, and CPAN projects by GIFF include Mail::Qmail::Queue, a tool for modifying mail as it goes into the queue; Net::FTP::RetrHandle, which lets you read arbitrary portions of a remote FTP file as if it were local (including extracting parts of a remote ZIP file without downloading the whole thing); and the rfid-perl project, which created drivers for various RFID readers.
Sometimes if I have spare time I hang out on PerlMonks, where I have the username sgifford. You can see what sgifford has been up to on PerlMonks if you'd like.
I've lived in Flint, Michigan for most of my adult life, and this community is a big part of my life. I enjoy sharing my technology skills with local community organizations like Resource Genesee, Genesee Free-Net, and the Weiss Advocacy Center.
When I'm not working with technology, I love going with my family to the Flint Farmer's Market and taking my kids to the Children's Museum, the Flint Institute of Arts, and our great county parks. Once in a while, you can find me hanging out at The Good Beans Cafe, and in our few moments of spare time my wife and I like to see shows at The Whiting (the kids just like the spotlights on show nights).