Archive for February, 2007

OWASP Review

Feb 28

I went to the OWASP (Open Web Application Security Project) meeting here last night. The group was small, about 9 people, and varied from networkers, PHP, Java, and me (what do I do again?). So it was cool to have a little group of varied talents.

What was not cool was the presentation. I think I might be used to the highly technical EDMUG presentations. This was an overview of network security principles and practices from a 20,000 foot view. To me it lacked anything I can take back to my work at all. The presenter seemed to know his stuff but did not seem to share it. The meetings are only an hour long too, which really limits how much you can talk about.

I am planning on attending again though, as I think that some useful information can be gained. They asked for a coder to give a presentation about securing the application side of things, which would be nice to see. I might even do something on it. It seems so boring talking about XSS and SQL injection but they really are the things that affect us the most.

The fun part of the night was going out with Vlad Levin, who is looking to start up an agile user group here in Edmonton. It's always nice to meet new coders and talk about our history and how we got to where we are now. Another great thing I found was that talking with programmers who do other languages abstracts your ideas even a bit further away from code, which is nice. I do have one word of caution though. If Vlad is driving…… stay off the sidewalks. :)

Filed Under: Uncategorized

GST Fun!

Feb 28

Well today I am getting a GST audit so I thought I would ask the GST auditor some questions and blog about it.

I find the GST tax system quite fair (maybe that is because I am requesting a refund). But basically the way it works is that my company charges GST to its clients (that are not GST exempt). I also pay GST on the items I buy. I then have to remit to the government the charged amount minus the amount I paid in expenses. So if I charged $500 to my clients and got charged $700 for purchasing things to run my company then the government would owe me $300.

When do you need to get a GST number?
Short answer is once you make over $30,000. But if you are a company that is not a small supplier anymore (for instance a hair dresser), you should charge right away (but this is a gray area I am told).

Why should you get a GST number before you make $30,000?
If you are a startup company you can claim all of your startup costs and get a credit back. What I did was start as a trade name (basically me operating as a company and then incorporated later). It was a lot harder to get a GST credit on my already owned assets as I had paid for them personally.

Another good point the auditor made was that I can not get a credit on non-assets for before I was incorporated. This means that I can get a credit on the computers / software I purchased but not on costs like meals, utilities, travel, and other non-physical goods. So it is a really good idea to get a GST number when you have high startup costs.

How can my credits be thrown out?
If they are not properly documented. If you are taking a client out for lunch make sure to write on the back of the receipt who you were with and the reason for the meeting. Not having this documentation could easily lead to having all your meal / travel expenses thrown out.

If they are excessive. Taking a client out to lunch every week might be considered excessive and most if not all of these items could be thrown out. Also if it is deemed that your expense might be personal it can be thrown out. For example vehicle expenses when your vehicle is used 90% personally would result in 90% of your credit being thrown out.

How about networking expenses?
If you are taking out prospective clients or even other people in the industry you can claim a GST credit. If you are doing it 52 times in a year and do not get a client out of it…. guess what? Tossed!

Do I charge/credit GST to foreign clients?
No. If you deal with someone in another country you do not charge them GST. If you purchase something from a foreign client you will not usually pay GST unless the item is handled by a customs broker which then (because they are a Canadian company) will charge you GST.

Should I get a GST number as a part time contractor?
If there is even the remote possibility of making over $30,000 in a year I would. I had a friend whose company suddenly made over the limit and then she had to pay $2,500 for the GST she should have been charging plus the fines for not paying it instantly. It’s great to also be able to get a credit for your expenses so that either you owe less to the government or get a bit of a refund.

GST Exempt Customers
There are a few customers that are GST exempt. The main ones are the government, Indian reserves, and foreign clients. Be careful around this, as if over 90% of your clients are GST exempt you can not claim a GST credit! Another good reason to have diversified income streams into your company.


Until The Next Plateau

Feb 25

I, like a lot of Edmonton bloggers, attended JP’s great .NET bootcamp last week. JP made a good comment about how we learn like crazy -> plateau -> repeat (a lot of people never do the repeat part). JP has shown me the next level of learning, which is really exciting.

I am not going to rant and rave about the course (Jonas captured my thoughts so eloquently). I am a little behind the curve right now being stuck in a 1.1 vb environment but this course has shown me the value of a lot of technologies and techniques that I am already starting to implement.

- Delegates, generics, anonymous methods, and all the great uses for them
- NAnt & continuous integration
- Coding to interfaces
- The mass power behind dependency injection and dependency inversion
- Mocking / testing in isolation
- Structuring of an application
- Domain driven design and having a task/service layer (such a great change from the MS DNA style which is crap in my opinion now)
- Dependency mapping
- And so much more that I can not even think about

The course seemed slow in the middle to me but now that I think back we covered so much in a short period of time. Plus the last day we did 14 hours and got to dig into stuff like moving validation out of the UI layer and into something more testable/reusable, the monostate pattern (really cool), passive views, proxies, and probably even more. I think my brain was fairly full by that point.

It was great to learn from and work with someone who was knowledgeable and using all these practices. JP had no pre-canned app; we just started working and making direction changes as we went. Doing the process and pairing with JP and other students was a great experience and really showed me the power of paired programming.

I did not have many issues with the course. It was unfortunate that we had a fairly disparate knowledge base in the class. There were several people there that were not the most experienced developers so this course was quite an overload for them and that slowed us down a lot I felt. My only other issue was that while we did get a piece of functionality working from front to back (and with high code coverage), we did not get into unit of work. It is a big topic that we just did not have time to cover but I would really like to see an implementation of it. It has got me thinking though on how to do it in a good fashion (and not in the Fowler way which seems a little chatty to me).

Now all I have to do is make the time to use this stuff and play more. I am thinking I will post again in a bit on this topic on how much this course has changed my development. Seeing as how after leaving I feel like I have not been programming but “throwing code at the problem”. So now it's time to climb this learning spike and then plateau again. I can’t even imagine what the next climb will be like.


A WTF discovery

Feb 7

I am using a VoIP provider for my home phone that has been working fairly well until today (I won't say which… let's just say it starts with “P” and ends with “rimus”). Suddenly the status light is blinking red so I do a reset and all other things I can think of before calling support.

Once I called in I found out they had done an upgrade to their routers and I had to upgrade the firmware on my VoIP gateway (thanks for the notice!). Anyways they have a VBScript file you can download that automates this process. Me being the one to distrust having to run a .vbs file, I opened it up and found this nice chunk of code:

Randomize
upperbound = 2
x = Int(upperbound * Rnd) + 1
if (x = 1) then
   tftpServer = "216.254.141.196"
elseif (x = 2) then
   tftpServer = "206.130.11.6"
else
   tftpServer = "206.130.11.6"
end if
tftpServer = "216.254.141.196"

If the dailywtf.com did not top this in a huge way every day I would submit it.

Unfortunately the script did not work for me and I am now locked out of my router. I am up to 1.5 hours on hold on my cell phone. <rage>…
