Programmers Learn to Check Code Earlier for Holes
Carl Bialik from WSJ writes "Many companies are teaching programmers to write safer code and test their security as software is built, not afterward, the Wall Street Journal reports. This stands in contrast to an earlier ethos to rush to beat rivals with new software, and, of course, brings tradeoffs: 'Revamping the software-development process creates a Catch 22: being more careful can mean missing deadlines.' The WSJ focuses on RIM and Herb Little, its security director, who 'uses Coverity every night to scan the code turned in by engineers. The tool sends Mr. Little an email listing potential red flags. He figures out which problems are real and tracks down each offending programmer, who has to fix the flaw before moving on. Mr. Little has also ramped up security training and requires programmers to double-check each others' code more regularly.'"
This just in: (Score:5, Funny)
QA is..... (Score:3, Funny)
Slippery slope (Score:3, Funny)
What will the XP weenies do then?
Ain't gonna last (Score:5, Funny)
It sounds good and all, but there's a direct correlation between the deadline and how bulletproof the code is.
insert sig here
That's why... (Score:5, Funny)
Agreed, periodic checking for holes has its own value, but nothing beats using the best quality, industrial-strength (tm) bits to start with, more so while developing reliable software in the post-911 world.
This Just In From Microsoft (Score:5, Funny)
Or, ... (Score:2, Funny)
Obligatory Fight Club (Score:4, Funny)
Narrator: A new program written by my company is shipped on time, but with bugs. The network stack locks up. The OS crashes and burns and scrambles the hard drive. Now, should we initiate a code review? Take the number of licenses in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a code review, we don't do one.
Business woman on plane: Are there a lot of these kinds of bugs?
Narrator: You wouldn't believe.
Business woman on plane: Which software company do you work for?
Narrator: A major one.
Re:This just in: (Score:2, Funny)
Re:Wow. A 'Developer' article (Score:3, Funny)
Yes, I believe they've pretty much got Solitaire down.