I was given my R-World login information yesterday. I was really excited to check it out but was thoroughly disappointed.
The site looks like something from back in 1995. It’s very difficult to use and has blatantly huge security holes. As they say, a picture is worth a thousand words:
The numbers on the graphic were added by me. The problems I would like to point out right off the bat are:
- The link bar at the top. I didn’t even know it was a link bar until I re-read the e-mail telling me to click on the items.
- The threading system. It is just a basic tree with no really easy way to traverse the posts. It doesn’t tell you which posts are new so as this keeps going I’m probably going to have to spend 10 minutes just trying to figure out what the new posts are. It has a very old school Unix hackers board feel but without the usual UI improvements that coders implement without being told they have to (this is a joke for all the geeks out there).
- The body of messages. It appears they do not escape HTML entities or encode things like line breaks from the input into `<br>`. This means:
  - a. Everyone needs to understand HTML.
  - b. You can’t use the & sign without possibly causing HUGE problems.
  - c. I can do whatever I want to the page–for example embed a random image or write my own CSS to change the site look for everyone.
  - d. It’s very easy to execute a cross-site scripting attack and steal people’s identities (I’m not saying more on this, if you know what a cross-site scripting attack is, it should be obvious how you can execute one). The only saving grace is that if someone does execute an attack it should be very easy to figure out who that person is because you could just see who posted the attack.
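The fix for items a through d is output encoding when the message body is rendered. The sketch below is an added example, not code from R-World or from the original post; the function name `render_message_body` and the sample posts are constructed for illustration, and Python stands in for whatever language the board actually runs on.

```python
import html


def render_message_body(raw: str) -> str:
    """Return an HTML-safe rendering of a user-submitted message body."""
    # Normalise line endings first so every break becomes exactly one <br>.
    text = raw.replace("\r\n", "\n").replace("\r", "\n")
    # Escape BEFORE adding markup: & < > " ' become entities, so nothing the
    # user typed can open a tag or break out of an attribute.
    escaped = html.escape(text, quote=True)
    # Only now insert the one tag the board itself wants to emit. Doing this
    # before escaping would turn the board's own <br> into visible text.
    return escaped.replace("\n", "<br>\n")


# Constructed sample posts, one per problem in the list above.
SAMPLES = {
    "plain text with line breaks (a)": "Hi all,\r\nSee you at orientation.",
    "ampersand (b)": "Finance & Strategy study group",
    "image and CSS markup (c)": '<img src="x.png"><style>body{display:none}</style>',
    "script tag (d)": "<script>/* constructed placeholder */</script>",
}


def render_all(samples=SAMPLES):
    """Render every sample post and return the results keyed by label."""
    return {label: render_message_body(body) for label, body in samples.items()}


if __name__ == "__main__":
    for label, rendered in render_all().items():
        print(f"{label}:\n  {rendered}")
```

Escaping at render time rather than at submission time keeps the stored text intact, so the same post can later be shown safely in other contexts such as e-mail digests or feeds.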
Not impressed in the least. Perhaps if they didn’t try and hype it up so much–over the course of 6 weeks–I wouldn’t feel so let down.
Anyone out there from Rotman who has some sort of say, a little suggestion: It would be better to not have the portal than look like the school is totally behind the times; either shell out the cash for a decent implementation or just take it down. A simple mailing list would be nice and then geeks like me could quickly and easily take the initiative to make our own board that doesn’t make it look like the school just got their first dial-up connection.
I feel bad bashing the school I’m going to attend but I feel an obligation to point out things like this–especially if I expect this blog to be useful for others. At the same time, I’m not going to the school to learn the latest about the wizzy-bang-ajax-web 2.0-insert buzz word here-technology; I’m going to supplement my tech background with biz knowledge. As long as I don’t see things like a hammer and sickle, the school can probably still do what I need.
Update August 23, 2006: A related post can be found here which talks about the improved R-world.