Software Development

"On day two of the 2013 Embedded Linux Conference, Robert Rose of SpaceX spoke about the "Lessons Learned Developing Software for Space Vehicles". In his talk, he discussed how SpaceX develops its Linux-based software for a wide variety of tasks needed to put spacecraft into orbit—and eventually beyond. Linux runs everywhere at SpaceX, he said, on everything from desktops to spacecraft." - imabonehead from Bookmarklet

"Mike Micklewright and Quality Digest present this homage to quality managers: Those hard-working, often-overlooked gatekeepers of continuous improvement. Told in the style of the late, great Paul Harvey, this video demonstrates why quality managers are the glue of organizations everywhere, whether in manufacturing or service industries. Enjoy!" - imabonehead from Bookmarklet

"Can this “beauty” of software be quantized or industrialized? Perhaps not, just as it is with other works of art, but I think there might be some common traits..." - imabonehead from Bookmarklet

"A key requirement for creating a beautiful app is a true product vision, nurtured by its creator(s), the product owner and the product team. This vision needs to engulf the whole product from day one, and can’t be expressed in a backlog or as a user-story. It’s a gut feeling and drive that has to be there, and it has to be allowed to thrive without being pushed back by processes and analysis." - imabonehead

Bleaugh. My idea of beautiful software is EMACS. Give me a swiss army knife instead of a crippled beautiful tool. The concept of "beautiful" is the worst thing that Apple has given us. Apple wants t sell you an appliance that can't be used to do anything else. I refuse to submit to that aesthetic. - Piaw Na

"...it is important to understand how testing mobile applications is different from testing browser / desktop applications. If we understand the distinction and challenges of testing mobile apps, it will be a bit more easier to tackle them." - imabonehead from Bookmarklet

"At its event, Netflix looked to turbocharge the process. The company announced $100,000 in prizes—$10,000 for 10 different awards—for volunteer coders who can develop interesting tools based on Netflix’s open-source code over the next six months. (Rules here.) The revelation of these prizes was met with great applause. Now the race is on for people who don’t work at Netflix to improve the company’s infrastructure." - imabonehead from Bookmarklet

"In my previous article on “Application Security Testing of Thick Client Applications”, I mentioned a few tools that can be used for penetration testing of a thick client application. We had discussed a tool called Echo Mirage that can be used to intercept and edit the traffic for .EXE based applications. In this article, we will discuss a tool that can be used to assess the security of JAVA based applications. We are all aware of how difficult it is to intercept thick client applications due to the complexity and nature of these applications. Let us see the various approaches currently available for testing of Java based thick client applications and their respective drawbacks." - imabonehead from Bookmarklet

https://code.google.com/p... - imabonehead

"An open-source physiology engine that anyone can use to develop medical simulations is being developed by the U.S. Army’s Telemedicine & Advanced Technology Research Center." - imabonehead from Bookmarklet

"It’s not altruism that’s spurring the $7 million PhACTS (Physiologically Accurate Community-based platform for Training Systems) project. Rather, TATRC hopes that the new engine will enable the public to develop medical simulations that will benefit military as well as civilian medicine." - imabonehead

"It looks like GCC is overtaking Clang as the compiler with the best C++11 support. Visual Studio has added several significant C++11 features such as variadic templates, initializer lists and raw literals. I can’t really comment on how complete and bug-free these implementations are at a more fine grained level (other than VS2012 – I detail a lot of the bugs in the initial VS2012 release in my book, C++11 Rocks)." - imabonehead from Bookmarklet

"Every morning, I'm scanning through the emails of the night while sipping coffee. One of them always stands out, with its reassuring simplicity: “Integration tests results – No errors”. With just these few words, I know that our code can be built, passes its unit tests, can be packaged, can be deployed on a fresh infrastructure, and continues to work as expected, supporting our customer use cases." - imabonehead from Bookmarklet

"To reach this level of confidence, we have designed a ‘Total Integration Test Suite’ that goes far beyond continuous integration and unit testing, also validating our packaging, deployment and product integration with all external components. In this post, I'll detail how and why we did it." - imabonehead

"In this case study, I describe how we went from an untested manual process in which the development team was manually building software artifacts, creating environments and deploying, to a completely automated delivery pipeline that is triggered with every change." - imabonehead from Bookmarklet

"In part 1 of this series, I introduced the Continuous Delivery (CD) pipeline for the Manatee Tracking application and how we use this pipeline to deliver software from checkin to production. In this article I will take an in-depth look at the CD pipeline. A list of topics for each of the articles is summarized below." - imabonehead from Bookmarklet

"...I thought I'd explain just what password hashing and salting means. Let's start at the beginning. You're some kind of system that wants to have password security. Obviously, you need to save the passwords somewhere, right?" - imabonehead from Bookmarklet

"Adopt these DevOps practices to realize the goals of effective collaboration, smoother operations, and cleaner code." - imabonehead from Bookmarklet

"Steve McConnell describes common impediments to estimation on Agile projects, and he highlights key practices that lead to better estimation results." - imabonehead from Bookmarklet

"Videos from four keynote talks and two-dozen sessions at the Embedded Linux Conference 2013 in San Francisco last month are now available for free viewing, courtesy of the Linux Foundation, which held the event. The videos cover a wide range of embedded Linux development, deployment, and marketing topics. To view the videos, click each keynote or session title below." - imabonehead from Bookmarklet

"Fact does not come from the grand leaps of discovery but rather from the small, careful steps of verification. That is the premise of the Open Source Security Testing Methodology Manual also known as the OSSTMM (pronounced as "awstem") It is a peer-reviewed manual of security testing and analysis which result in verified facts. These facts provide actionable information that can measurably improve your operational security. By using the OSSTMM you no longer have to rely on general best practices, anecdotal evidence, or superstitions because you will have verified information specific to your needs on which to base your security decisions. One way to assure a security analysis has value is to know it has been done thoroughly, efficiently, and accurately. For that you need to use a formal methodology. The OSSTMM aims to be it." - imabonehead from Bookmarklet

http://www.aliexpress.com/store... - peng jing

"This article provides guidance on how to properly store passwords for user authentication in order to help prevent password theft. Passwords are frequently stored encrypted or as clear text. Clear text passwords can be read directly by the database's administrator, super users or via data theft by SQL Injection. If encrypted, these same techniques may also allow the attacker to gain access to the decryption key as well. Database backup media is also vulnerable to password theft if these passwords are included on the backup. It is recommended that you avoid storing the clear text password or an encrypted version of the password. Passwords should be strongly hashed as described below." - imabonehead from Bookmarklet

"It’s rare that a significant amount of time will go by without me hearing about yet another leak of user credentials from some well-known site. In the interest of incrementally increasing the security of the web as a whole, here’s a checklist to consider when writing your next (or current!) web application. The Basics - These are things that effectively mandatory – if you’re not already doing them, you should probably start doing them as soon as you can." - imabonehead from Bookmarklet

"Rolling releases are not new. Gentoo was one of the first, if not the actual, that was considered a rolling release. Later rPath, then PCLOS came along and Sabayon followed. Arch joined the fray and openSUSE began Tumbleweed. But more projects are kicking around the idea these days and some have even done it." - imabonehead from Bookmarklet

"Rolling release are those systems which are updated in smaller increments over time usually from within the system with a software management client as opposed to the more traditional installation of a new system every so often. The advantages to the user is obvious, but the developer has his reasons as well. That's why more and more projects are implementing the rolling release model, or are at least talking about it. Here are two very recent examples." - imabonehead

"Not long ago, customers and prospects had to find a computer to visit your website. But today they're online 24/7 via mobile devices. Serving your customers is now a continuous interaction, and this phenomenon will only grow in the coming years as customers and prospects demand reliable and up-to-date Web services from anywhere at any time. For your organization, this translates into constant pressure to quickly and frequently add features and updates to your application services." - imabonehead from Bookmarklet

"Continuous Delivery is achieved when all involved are capable of delivering new functionality in an agile manner. Your business will ensure prompt and accurate communications with customers and prospects at all times." - imabonehead