Slashdot videos: Now with more Slashdot!
The Canadian technology company posted dismal quarterly earnings numbers, missing revenue and sales targets, while margins continued to shrink.
Co-CEO Mike Lazaridis conceded the PlayBook had been thwarted by a lack of apps and content, not necessarily by a weak platform. Like Apple with its iOS, and Microsoft with Windows, creating a successful platform will be dependent on the eco-system it supports, but RIM hasn't shown ability to foster that."
From the article:
' "Go at it hard and fast with a pounding drum and bass track or chill with the ambient classic," reads a marketing brief for the £30 ($72) iGasm, which plugs into any music player and vibrates in sync with the beat. Apple says the iGasm ads, which show a female silhouette listening to an iPod with a cord snaking into her underwear, are a rip-off of its own iPod ads.'"
Every Patch Tuesday there are repeated discussions on Slashdot of how software vulnerabilities have inconvenienced and endangered us. But a quick perusal of the (currently) 173 coding rules identifying exploits in commonly used programming languages should show most any developer that insecure code is everywhere. Moore's law has continued unabated, functionality and power in our systems have grown, and our development methods and disciplines have not kept up.
So, what to do? Most of us are at least familiar with Software Engineering. You know, that is the area that arguably started with NATO in 1968 and, as a professional subject area, has an almost unmatched track record of being both critically important and uniformly ignored. With security, cyber-warfare, and other daily threats and nuisances we are facing yet another circumstance in which the lessons of Software Engineering are about to be experienced again (and again, and again
Build Security In focuses on a relatively new area called Software Assurance.
IEEE created the SoftwareEngineering Body Of Knowlege to provide a foundation for the practice of Software Engineering. Similarly, Build Security In is reviewing a similar document, Security in the Software Lifecycle which is just coming out of review but pretty useful in its current version. Even if you just pick a chapter and scan it, it will give you an idea of the scope and solutions to the problem.
Sadly, Software Assurance is already suffering the same fate as Software Engineering. Robust software development processes, secure products, and quality software systems are forced to take a distant second place to speed and cost. Maybe the site's Risk Management articles will help Slashdotters' management understand the problem. Maybe the business justification articles will help. It is worth pursuing because when we develop secure software it just so happens that it is better software too, because we are paying more attention to software quality."
The arguement TFA provides seems to come up fairly often, as it was already here awhile ago.