Now that its codebase is finally viewed as stable, OpenSSL is getting a good top-to-bottom once-over in the form of a sweeping audit. It’s been close to a year since the Heartbleed bug sent the Internet into a frenzy over security. It spurred the software industry to rally behind OpenSSL—sending in more developers, revamping the … continue reading
It has been almost a year since Telerik announced its cross-platform framework for Android, iOS, and Windows. Today, that NativeScript framework is finally making it into public beta. Valentin Stoychev, product line manager at Telerik, announced that developers can start using the framework to build native mobile apps with CSS and JavaScript. “We have been … continue reading
It was only a few short months ago that a vulnerability in the Xen Hypervisor resulted in problems for Amazon’s EC2. We called it the Amazonian apocalypse then, and the time has come for its sequel. Last time, as you may recall, servers were chunked into sections and given windows during which they needed to … continue reading
The concept was similar to other anonymous social media messaging platforms, like Yik Yak, Secret and Whisper. But when Preetham Reddy, lead developer for RezTech LLC in Phoenix, and his team built the Sipper location-based bulletin app, he learned a few hard lessons—as most fledgling app developers do. RezTech’s app experience, while not particularly unique, … continue reading
Since it was created in 2011, Storm has garnered a lot of attention from the Big Data and stream-processing worlds. In September 2014, the project finally reached top-level status at the Apache Foundation, making 2015 the first full year in which Storm will be considered “enterprise ready.” But that doesn’t mean there’s not still plenty … continue reading
More than 90% of data breaches occurring in the first half of 2014 could have been prevented, according to a report from the Online Trust Alliance (OTA). In its 2015 Data Protection Best Practices and Risk Assessment Guidelines, the OTA analyzed more than a thousand personally identifiable information breaches reported by the Open Security Foundation … continue reading
If there was one word that could best sum up the software security situation in 2014, it would be “Egad!” With major enterprises like Target, Home Depot and Sony getting not just hacked but completely compromised in 2014, what hope do smaller firms have at keeping the attackers at bay? Fortunately, things are already looking … continue reading
Software-defined networks and Network Functions Virtualization will redefine enterprise computing and change the dynamics of the cloud. Data thefts and professional hacks will grow, and development teams will shift their focus from adding new features to hardening against attacks. Those are two of my predictions for 2015. Big Security: As 2014 came to a close, … continue reading
Every year there are a number of vulnerabilities exposed and exploited, but 2014 was bad in terms of software security. In the beginning of the year, Cenzic revealed the latest results from its 2014 Application Vulnerability Trends report and found that a majority of apps have at least one security vulnerability; but it wouldn’t be … continue reading
Software vulnerabilities have existed for as long as there has been software. Organizations and their developers have been locked in a cat-and-mouse game with the legion of hackers looking to steal data. Every time one breach is fixed, another is exploited, and ‘round and ‘round it goes. So, after Julian Assange and WikiLeaks, Edward Snowden, … continue reading
For development teams, cloud computing is enthralling. Where’s the best place for distributed developers, telecommuters and contractors to reach the code repository? In the cloud. Where do you want the high-performance build servers? At a cloud host, where you can commandeer CPU resources as needed. Storing artifacts? Use cheap cloud storage. Hosting test harness? The … continue reading
Cloud-based storage is amazing. Simply amazing. That’s especially true when you are talking about data from end users that are accessing your applications via the public Internet. If you store data in your local data center, you have the best control over it. You can place it close to your application servers. You can amortize … continue reading
