Saturday, June 07, 2008
Links for 2008-06-07
Jeff missed a point I made regarding EA tooling. I wasn't saying that Powerpoint and Visio are sufficient. What I did indicate was that if you are an EA with a budget of say $500K, is it better spent on some business initiative such as federated identity, CRM, creating role-based portals or should it be spent on EA tools? The problem is that EA tools cost a lot and don't provide a lot of return relative to other spends.
Does this surprise anyone?
I have observed a slightly different behavior amongst developers than what Jeremiah has outlined. Essentially, the conversation is less about false positives and more about the ability to pinpoint the exact problem and have context on making the fix quickly and correctly. Black box says that an error is in a module but provides no guidance on how to remediate. I suspect that developers globally would be less annoyed if it told them an exact line of code that needs to be changed.
Let's not place all the blame on software vendors as much of it also belongs on folks who write magazine columns and industry analysts as well.
Have you read CIO magazine lately?
Gunnar acknowledges the lack of innovation in security which I fully agree. I wonder what would be his take on say BEA embedding the OWASP Enterprise Security API as part of their portal offering or Sun not only publicly declaring that they fully support the notion of static analysis, but they would also buy OunceLabs and make it freely available to others so that the ecosystem at least had a remote chance of becoming more secure?
I couldn't have said it better myself...
If you want to learn about CardSpace, OpenID, Federated Identity or identity management in general, this is the place to be. Best of all, this event is 100% free...
