
A New Software Engineering

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "Are we currently in the middle of a paradigm shift in software engineering? Ivar Jacobson certainly thinks so. In a recent article, Jacobson discusses the SEMAT (Software Engineering Method and Theory) initiative, an international effort dedicated to “refounding” software engineering. “As the name indicates, SEMAT is focusing both on supporting the craft (methods) and on building foundational understanding (theory).”"
Link to Original Source

Evolution of the Product Manager

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "Product management is an essential part of software development. Product managers are involved in virtually every step of product development, from before the first code is written, until after it goes out the door. Unfortunately, however, “product management education has not caught up to its prevalence in the industry. The field does not have a consistent product management education.” Today, there is a huge need to improve the quality of education and continuing education for product managers."

The Responsive Enterprise: Embracing the Hacker Way

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "What do Facebook, Apple, Google and Microsoft all have in common? In addition to being enormously successful, all four are software-based companies. Additionally, many hot and upcoming companies such as Uber and Tesla are software-based as well. So why are software-based companies taking over the world today? According to a recent article, “The answer is simply that powering companies by software allows them to be responsive and data-driven and, hence, able to react to changes quickly.” The article then elaborates on how to transform into a responsive enterprise by embracing the “hacker way.”"

Security Collapse in the HTTPS Market

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "Today, HTTPS is the de facto standard for secure Web browsing. However, within the past few years several highly visible security incidents—most notably OpenSSL’s Heartbleed—have made it clear that this crucial cybersecurity technology is fundamentally flawed. In both the US and abroad, policymakers and technologists are increasingly advocating various solutions to this problem. Recent analysis of the regulatory and technological solutions that have been suggested, however, unfortunately reveals that the “systematic vulnerabilities in this crucial technology are likely to persist for years to come.”"

How to Prevent Script Injection Vulnerabilities through Software Design

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "“Script injection vulnerabilities are a bane of Web application development: deceptively simple in cause and remedy, they are nevertheless surprisingly difficult to prevent in large-scale Web development.” Unfortunately, code inspection and testing are typically not enough to ensure the absence of XSS bugs in large web applications. Luckily, the engineers at Google have developed practical software design patterns that make the development of Web applications much more resistant to the inadvertent introduction of XSS vulnerabilities into application code."
Link to Original Source

The Network is Reliable (?)

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "Network reliability is an important issue in distributed computing. “the degree of reliability in deployment environments is critical in robust systems design and directly determines the kinds of operations that systems can reliably perform without waiting.” Unfortunately, however, the degree to which networks really are reliable in the real world is the subject of considerable and continued debate. Complicating matters in this discussion is a general lack of evidence. In this article, Peter Bailis (UC Berkeley) and Kyle Kingsbury (Jepsen Networks) take the first step toward a more open and honest discussion of real-world partition behavior by providing an informal survey of real-world communications failures."
Link to Original Source

How Can the ACM Better Serve Professional Programmers?

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "The Association for Computing Machinery (ACM) was founded in 1947. Today, it is considered one of the most prestigious scientific and educational computing societies in the world. For decades ACM membership was considered to be a mark of a professional; however, this is no longer the case. Many programmers today consider the ACM a purely academic institution of little use or relevance for professionals. In this article, Vinton Cerf—one of the “fathers of the internet” and a past president of the ACM—asks how can ACM “adapt its activities and offerings to increase the participation of professionals?” Is there anything the ACM can do to better serve professional programmers? Join in the conversation "

Quality Software Costs Money--Heartbleed was Free

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "If there’s anything that the Heartbleed fiasco has taught us, it’s that when it comes to free software you get what you pay for. Many free and open-source software (FOSS) projects are underfunded and thus badly staffed, creating the potential for bugs like Heartbleed to go undiscovered for years. So how can we generate funding for FOSS? In this article Poul-Henning Kamp provides a funding model based on his personal experience with FreeBSD and Varnish."
Link to Original Source

Who Must You Trust?

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "“Thomas Jefferson said, ‘Eternal vigilance is the price of liberty.’ It is the price of security as well.” So says network and computer consultant Thomas Wadlow in the most recent of a series of articles centered on the theme of “security” published by acmqueue. In this incredibly informative article Wadlow lays out a series of best practices for security, detailing how to determine whom you trust, what you trust them with, and how much you trust them."
Link to Original Source

Apple's SSL Vulnerability

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "In February Apple made headlines when it revealed a major SSL vulnerability that had rendered hundreds of millions of devices vulnerable since September 2012. In a cleverly worded article (“Finding More than One Worm in the Apple”) Mike Bland (formerly a member of Google’s Test Mercenaries team) addresses five big questions about the SSL vulnerability—what was the bug? How did it happen? How could a test have caught it? Why didn’t a test catch it? How can we fix the root cause? Taking issue with recent explanations of why the bug made it past the tests and tools Apple had in place, Bland lays the blame on the failure of corporate culture to recognize the importance of unit testing. Seeing this as a “teachable moment,” Bland advocates for greater automated testing and code quality."
Link to Original Source

Domain-specific Languages and Code Synthesis Using Haskell

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "Andy Gill, head of the Functional Programming Group at the University of Kansas, provides an in-depth look at embedded Domain-specific Languages (EDSLs). An EDSL—which is essentially a language inside a language—considerably lowers the cost of developing and maintaining a DSL by reusing the facilities and tools of the host language. Expanding on a paper delivered at the 2011 International Conference on Engineering of Reconfigurable Systems and Algorithms, Gill discusses how Haskell is a great host for EDSLs."
Link to Original Source

The NSA and Snowden: Securing the All-Seeing Eye

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "Edward Snowden’s release of classified material exposing the existence of numerous global surveillance programs (obtained while working as an NSA contractor at Booz Allen Hamilton) has been referred to as “the most damaging breach of secrets in U.S. history.” Regardless of whether one chooses to champion or condemn Snowden’s actions, it is apparent that the NSA needs to dramatically rework its security measures. In this article Bob Toxen, renowned author of several books and articles on Linux Security, discusses the security practices that could have stopped Snowden. Equally interesting, he weighs in on the constitutionality and morality of the NSA’s spying on all Americans."
Link to Original Source

How Fast is Your Web Site?

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "So asks Patrick Meenan, of Google, in this article from acmqueue. Meenan’s question is an important one—it’s a well-known fact that a Web site’s performance (speed) directly correlates to its success. Meenan discusses active testing techniques—both traditional and new—that can be used to monitor Web site performance."
Link to Original Source

Making the Mobile Web Faster

Submitted by ChelleChelle2
ChelleChelle2 (2908449) writes "We’re living in a world where mobile clients are increasingly on the rise. As a result, it’s becoming ever more important to take into consideration the customer experience on a mobile device. In this article, Kate Matsudaira suggests that if you are having mobile performance issues you “fix the back end, not just the client.” Matsudaira provides a concise and helpful reference for API developers to ensure that mobile clients are remotely served data and application resources reliably and efficiently."
Link to Original Source
