Wednesday, 25 April 2007

Some Software Development Proverbs

This page is a very good place rest your mind in hectic software development times and find some interesting material for you next PowerPoint presentation ;o)

Tuesday, 17 April 2007

Getting Rich with Rich Interfaces

At the end of March, Microsoft announced that it had joined the OpenAjax Alliance. The OpenAjax Alliance is an organisation of vendors, open source projects and companies using Ajax that are dedicated to the successful adoption of open and interoperable Ajax-based Web technologies. The prime objective is to accelerate customer success with Ajax by promoting a customer's ability to mix and match solutions from Ajax technology providers. The OpenAjax Hub project is aiming at this goal. The OpenAjax Hub is a set of standard JavaScript functionality defined by the OpenAjax Alliance that addresses important interoperability issues that arise when multiple Ajax libraries are used within the same Web page.

Microsoft joined more than 70 member of the Alliance one year after its foundation. The motivations for this action could be multiple. First Microsoft has launched its ASP.NET AJAX 1.0 product in January. Then there is also the interest to promote Ajax as an "open" solution versus Adobe's Flash as the preferred architecture for the Web rich interface. Microsoft will have to work so that is Ajax solution respects the OpenAjax conformance specifications. As far as the battle for rich Internet interface is concerned, the winner is still to be decided, and there could be more than one. Adobe is currently presenting the alpha release of its Apollo technology. Apollo is the code name for a cross-operating system runtime that supports Flash, Flex, ActionScript, HTML, JavaScript, CSS and Ajax. Adobe is currently targeting the second half of 2007 for the first release of Apollo, supporting Windows and Mac OS X. Support for Linux will be added later. Basically, Adobe is trying to propose a free runtime (like for Flash or Acrobat) that will allow consistent behaviour of Adobe proprietary Web interface solutions and standard technologies. It targets both traditional Web applications and mobile devices.

Tuesday, 10 April 2007

Safe Coding

The SANS (SysAdmin, Audit, Network, Security) Institute announces the first secure coding assessment and certification exams for programmers.

Programming professionals can test their secure coding skills, find the gaps, and, if they choose, gain certified status. The examinations each cover a specific programming language suite and are designed to enable reliable measurements of technical proficiency and expertise in identifying and correcting the common programming errors that lead to security vulnerabilities. The exams will be administered in August in Washington DC on a pilot basis, and then will roll out worldwide through the remainder of 2007. The first tests are already available on the Web for the C and Java languages.

Security is surely one of the most neglected area of the software engineering discipline. The security/access model of a new project is often treated as last-minute activity after the functional requirements have been defined. Only companies operating in more sensible industries (banking for instance) have a more pro-active approach to this topic. Now with the increased openness of the internet world and the wide usage of open source code mainly based on interpreted languages, the possible vulnerabilities of applications have increased. Identifying possible security threads and applying programming best practices to prevent common coding mistakes is a goal that every internet programmer should have.