Software security by problem setting

We had an interesting discussion with a friend of mine yesterday. The discussion was about corporate communication, its failures and difficulties. Well, that’s his job. My job is security. And today I suddenly realized that everything we discussed yesterday about communication was equally applicable to my situation simply due to the human nature.

We try and push security into the company, into the development, into management, into everything. And it does not work. Some people say that it does not work as well as we would like it to but it works a little. I say it does not work at all. All this fake interest in something that can be done instead of working – that is not an interest in applying security. That’s not what we are after.

But the problem is the sane here as everywhere else. Why would anyone want to have security? Why would my CEO want security? He wants some certificate that he can wave around at public speaking occasions and get recognition and, even better, money for it. Why would developers want security? They want to listen to funny stories about security to have a legitimate excuse not to work. But they do not want to implement any security, that’s extra work for them that is not recognized in any way. Why would my customers want security? It’s cumbersome, and annoying, and costly…

So we are stuck in pretty much the same situation: I am trying to give people a solution to the problem they do not have. Or they think they do not have. People are notoriously bad at recognizing future problems and seeing the not-so-immediate outcomes. And that’s why I am failing before I started. They will not accept it because it is not their problem.

And the main million dollar question remains: how to make software security to be their very personal and immediate problem? If I can figure it out, then and only then we will finally have software security.… -->

continue reading →

Advice from IMF: Eurozone must tie closer together

The managing director of the International Monetary Fund Christine Lagarde has figured it all out for us. Her advice is to integrate the Eurozone economies closer together. And introduce more central control over the monetary and economic side of things.

Yeah, right. If we wanted to make sure that the next economic problem anywhere in the EU takes the whole of it down under we would heed her advice. Oh, absolutely, the tightly integrated economies are a clear winner when it comes to sinking quickly.

But I hope the people at the top realize that they are not outside EU, they are inside it, and it is not in their best interest to build a Titanic out of the EU countries. The strength of the German economy and its resilience to all sorts of political and economic crisis lies in its loose integration and the freedom of every land to develop its own strengths. And that’s a good principle to apply to the whole of EU as well.

Sure, the development and this silly economic growth are not as fast as they would be in a tightly controlled and integrated economy but the advantages of a diversified locally directed economy were clearly seen during the last crisis when Germans could so rightly say “He who laughs last, laughs best.”… -->

continue reading →

A miserable failure of Agile

That is really something we come across almost every single day – the initiatives and ideas that seemed so good backfire and destroy all they were supposed to improve. One of those things is Agile in software development.

The idea originally was fairly trivial but seemed to have potential to work. The idea was to be able to split the software development into smaller chunks so that even an idiot would be able to write that small piece of code. Then, a company would not need to hire experienced software developments but could settle for inexperienced, inadequately trained and simply stupid developers, often without an engineering degree. That would allow to pay less for the same amount of software produced.

The result? A catastrophic loss of productivity ensues. Yes, it is cheap to get the software developers and make them scrum masters but what then? They are not capable of developing the software anyway. And you drove away all real masters of design already. The amount of time required to write and rewrite all the code and tests shoots through the roof. The productivity falls through the floor. Costs … you guess it.

Software design (as many other engineering disciplines) remains an art to this day. Yes, you can apply agile principles in some dark corners of software development but far from everywhere. And that is something managers still have to understand.… -->

continue reading →

Double meaning not intended

Some people never read what they write. As a result, the following gem is available for us from CafeSoft:

” I can’t tell you how reliable your product has been.” – Cams SME Customer

Sure, he can’t tell how reliable the product was, because it wasn’t! :) People, do me a favour – read your pages, read your blurbs, read you own posts. Please.… -->

continue reading →

The Factor of Money

I call this interesting thing “The Factor of Money”. What is it? It is one of the things quite wrong with the world from most people’s perspective. Although, to be fair, most of them do not realize it. And there is a minority who abuse the rest so it is quite ok for them. But let’s see.

A society is built on a number of factors that the society considers important. And whoever controls the decisive factor controls the society. If most of the world considers a single factor of utmost importance then whoever controls that factor controls the world.

Factors important, or crucial, for the people in the society may differ. One of the factors quite widespread nowadays is money. Notice how USSR, the Soviet countries overall, were not into money before. like the eighties. And those countries were quite apart from the other countries that were controlled by money. They were independent and powerful, they could not be easily subverted by money. Once they joined the throng in cherishing the money factor, they became a slave to the controllers of the money factor. Notice how quickly their deterioration happened.

Now watch this. China was always quite separate from the money world. They became strong on a basis totally different from money. Now they let the money in. What do you think will happen? Yes, let’s watch them being overtaken by the overlords of money. They stand no chance anymore whatever they may think about it.

The Factor of Money is the factor that leads to enslaving entire countries to the will of the Lords of Money. If you want your society or country to be independent, the first thing to do is to break away from The Money Factor.… -->

continue reading →

Where will you get a good TV?

I am looking at the reports for TV sales for the last quarter of the last year comparing it to the previous year. What most analysts are interested in is the amount of shipments and how good LCD compared to other technologies is doing and why there is a little decline in TV shipments and things like that.

I am looking at it and I am feeling very sad. Here is why. The best TV manufacturers are historically Japanese. We may argue about it all day long but you would never call a Sony TV set “bad”, would you? Same goes for Sharp. The best two manufacturers of TVs in history of flat panels. And so I am very sad to see how they keep shrinking away under the pressure of their cheap-junk-TV competition. Sad, sad story. Where will you get your TV in 10 years if all you will have is junk, eh?

-->

continue reading →

Counter-productivity

How true:

Although we might all like to imagine that we can work happily through the night, once again the data’s all against us. Lose just one night’s sleep and your cognitive capacity is roughly the same as being over the alcohol limit. Yet we regularly hail as heroes the executives who take the red eye, jump into a rental car, and zoom down the highway to the next meeting. Would we, I wonder, be so impressed if they arrived drunk?

Read more in the original article.… -->

continue reading →

A word or two about Nokia

While I am at the news, I find it amazing that Nokia still happily trumps downward spiral despite the obvious signs of failure. “Nokia has been knocked off the top of the smartphone totem pole by Samsung, Japanese investment bank Nomura said today.” says The Reg. Well, that does not come as a surprise, it is a bit earlier than I expected though. Everything one needs to know about the problem has been discussed in my previous post on the matter. Nokia! Wake up! The only manufacturer that does proper phones is going down under. I wish I had the cash to buy out Nokia and kick it back into shape. Or better yet organize another company that would steal Nokia phones from Nokia.… -->

continue reading →

Nokia

I suppose I have to admit that I am a big fan of Nokia. I did use several models of other manufacturers, SonyEricsson, HTC, HP, Motorola, but in the end I always come back to Nokia. Strangely, even with all of those silly problems and annoying shortcomings, Nokia phones are still by far the best as, precisely, phones. But why do they have all those problems that force me search hi and lo for a new phone every now and then? Here is a batch of articles that sheds quite a good light onto the problem:

  1. Undesirable at Any Price? What happened to Nokia, who invented the smartphone
  2. Sherlock Holmes & Hound of the Nokiaville? Why Did Nokia Market Share Crash-Dive? I May Have An Answer..
  3. Return of the Jedi: Nokia can be saved, here is the how

I think I agree more or less completely with what Tomi Ahonen explains there. Interestingly, I think those precise problems plague more than a few companies in the world, in many different industries. Unfortunately, nobody listens.… -->

continue reading →

Solar power wars

I came across an interesting article about solar trade on Reuters. The article describes the rather well known tactics that Chinese use to push their products on the market, this time in the clean energy sector. But that was not so interesting, the interesting part was towards the end, where they talk about the First Solar, a US company, who apparently signed a preliminary deal on installing the solar panels to a large China project. Why they received the deal? Because they have an advanced technology – their production of thin-film panels is cheapest in the world.

Do you think they simply got the deal and that is all? Check it out:

  • The deal is not final, it is only a MoU, not binding in any way
  • The first part before anything happens will be a pilot project in a partnership with a Chinese company that will take a majority stake
  • A Chinese company is opening a plant right next door to the First Solar in US

Now you may call me a paranoid, but I think First Solar is never getting that final project.… -->

continue reading →