Sunday, June 29, 2008
How come enterprises don't ask their software vendors for bug-fix only releases?
Imagine what would happen if all the enterprises that use products developed by Microsoft, Oracle and Sun encouraged them to create a bug-fix only release. What would be even more intriguing is if these vendors asked customers to enumerate all the bugs they know of but haven't reported, and then allowed those customers to vote on priority themselves, without any internal interpretation.
Even more intriguing would be the commitment from these same vendors that they would spend an entire six months on bug fixes and bug fixes alone. This activity could have several potential positive outcomes:
- Software vendors who have traditionally delivered high-quality software can finally demonstrate how high quality their offering is in a very transparent way. Likewise, they could compare their competitors' approach and how they fumbled.
- Security bugs may actually get fixed, making the OWASP crowd work harder to find faults in major enterprise applications.
- Sometimes it is hard to tell what the ratio is between the fixing of bugs and the introduction of bugs. Vendors themselves will finally be able to quantify and improve their own practices.