We are starting to see a large amount of Android phones such as the Droid and Xperia X10 (see a review here) and the (soon-to-be-released) first Google phone, Nexus One. With this, expect the number of apps to increase significantly. So with the increased number of apps, do these developers have the right tools to find and fix bugs? Take a look at the leader of phone applications-iPhone. There have been several posts (here and here) that recommend using the Clang static analyzer. Apple has taken it one step further, apparently rejecting iPhone apps that
Read More »
Our new documentation wiki is up and running! For awhile it seemed like we’d never do it. We have a team white board that records our panic level, and for several weeks, the level was up around “hysterical” and “wanting to open my own daycare”. We also have a white board in front of the doc area, in a hallway where everyone walks by to get to the kitchen. At one point when we were particularly frustrated with MediaWiki, the topic was “names for the new doc wiki”. A few good suggestions: Duh-Wiki Kwiki Wooki
Read More »
Just wrapped up a successful 2 day Embedded System Engineering conference in Stuttgart, Germany. This “all-German” show had just shy of 600 attendees, as well as about 60 individuals (representing the 20 or so companies exhibiting), so this was considered very good by the show organizers (who by the way did a fantastic job… the food here, for example, was as good as I’ve ever seen for such an event). The Klocwork booth was shared with our good friends at Emenda, and we had a choice spot that allowed a good flow of people. We
Read More »I have always been fascinated by the whole area of code vulnerabilities and security exploits and how hackers turn those issues into real-world problems for the rest of us. Jeremy Brown posted an interesting article on Jeremy’s Computer Security blog where he uses his security know-how to draw a straight line between a software vulnerability found with static analysis and a real 0day exploit on an open source project called gAlan. Jeremy takes us on a short journey where he finds an unprotected buffer with static analysis, creates an exploit payload to cause a buffer overrun, rewrites the
Read More »One of the biggest challenges that any IT leader is going to have to deal with is managing developers. As a class of people, you might think that they are generally supportive of each other. But in reality, they all live by a set of ruthless meritocracy that borders on being vicious, especially with each other. The simple fact is that no developer, no matter how much experience they do or don’t have, likes anybody else’s code but their own. Unfortunately, the only real way to develop quality software is to let developers review each
Read More »
Thought I would take a moment to share with you my experience at this year’s IP ESC show in Grenoble, France. First off, Grenoble is beautiful sitting at the foot of the French Alps. If you get the chance, go! Back to the show. This is typically the IP Show, but this year is the first that ESC has been added to the agenda. I don’t think it helped attendance-wise. From what I can tell, there are maybe 200-250 attendees in total. I spent the last couple of days sharing booth duty with our friends
Read More »Software developers and testers have some new tool choices to help with agile computing issues like velocity and automation. While agile is spotlighted in these products, practitioners of any methodology can benefit from these new products, according to vendors. Klocwork Inc., developer of automated source code analysis tools, is targeting the needs of agile development organizations with KlocworkInsightPro, a new suite of developer tools to help boost iteration velocity throughout the software development process. The suite includes tools for continuous static analysis, collaborative peer code reviews and automated code refactoring. Read More
Read More »
