Archive for October, 2005
I’m attending a very interesting session - "Fostering Software Robustness in an increasingly Hostile World" - here at OOPSLA in San Diego.
The focus, of course, is on quality, and getting the number of bugs down in mission critical applications. According to one person, the number of hacker attacks grows at an annualized rate of 20%. At the same time, 35% of these attacks are indeed hostile in some manner or other - meaning that someone is out to exploit software bugs to steal information, commit credit card fraud, etc, etc.
Also quoted of course was the fact that 60% of bugs trace back to bad requirements. No, I didn’t interrupt and yell "CaliberRM", "StarTeam", "Together", "SDO", etc, but I will of course talk about that later with people.
A common number of 6-7 bugs per 1,000 lines of code was mentioned as well. This becomes 6,000 bugs if you have a medium application of 1 million lines of code. If only 1% of these bugs are security risks, we still have an alarming rate of 60 security issues per million lines of code. If you haven’t thought about this before, you should immediately turn on automatic updates in Windows. It’s a good thing!
Steven Fraser (impresario) asked how many people used any kind of online banking. As expected, well over half do. Then he asked how many people would be worried if it didn’t work as expected one day. I think all hands came back up again.
And here I am enjoying a great panel, while being connected on an insecure wireless system. Yes, I am using my VPN software, but how secure is my data really? How do I know for sure that no one is looking at my stuff while I’m here? I don’t. All I can hope is that the people whose software I use are making sure that quality is as high as it can possibly be, and that they work relentlessly to make it better and better.
Oh, and BTW, how sure am I that my data is safe with anyone else, such as my banking details with my bank, my medical records with my insurance company, etc, etc?
Added 5 minutes later: I just got an IP conflict alert from Windows… On the WiFi network? Or on my VPN? No clue…
David Intersimone John Kaster Anders Ohlsson Michael Swindell Jason Vokes Malcolm Groves Daniel Wischnewski Jeremy North Hadi Hariri Eli Boling Henrik Jondell Fredrik Haglund Jesper Hogstrom Jonas Hogstrom Jan Norden Bob Swart Marco Cantu Huw Collingbourne Joe Hendricks Nick Hodges Dan Miser Leonel Togniolli Jim Cooper Chris Hesik Alastair Fyfe Bruno Fierens Danny Thorpe Allen Bauer Jim Tierney Steve Trefethen Jim Gunkel Alistair Meredith Brian Long Pierre Le Riche John O’Harrow Cary Jensen J. Peter Mugaas Doug Chapman Mike Devery Calvin Tang Tom Avila Troy Kitch Mark Edington Rob Cheng Molly Nedom Bruce McGee Mark Duncan Darren Kosinski Lino Tadros Charlie Calvert Bernd Ua Ray Navasarkian Ramesh Theivendran Atanas Stoyanov Jeff Overcash Tim Jarvis Alexandra Jarvis Ray Konopka Robert Love
What do you think all these names have in common?
The next installment of "24 hours" on BDNradio will feature Borland Developer Studio 2006 (aka DeXter) on 10/24.