People change jobs. It’s a fact of life. And it’s dangerous.
While departing employees routinely stuff their pockets with Sharpies and paper clips to stock their home offices, it’s those piles of ones and zeroes walking out the door with them that should have us all terrified.
Consider this one finding cited in a brand new January 2017 white paper from Osterman Research: Fully 87% of departing employees take data they created and 28% take data created by others.
What are they taking, you ask? Nearly 90 took presentations or strategy documents, 31% took customer lists, and 25% took intellectual property. That last category is where program code fits. (And we’re not even talking about hackers.)
Some of this is intentional, some isn’t. The white paper notes that departmental so-called citizen developers are likely to have content on their personal devices. Part- or full-time telecommuters who use their home computers for work often have content stored locally. And yes, of course there are those who abscond with content on purpose. Limiting access does no good as these are the people who are supposed to have access.
But, some is intentional. The white paper discusses one software developer who learned she was to be terminated and began downloading “trade secrets,” which I interpret as code. The company initiated emergency legal action to prevent competitors from accessing the data. It happened at Goldman Sachs and even at security vendor Symantec.
Bob Spurzem, the go-to-market guru at Archive360 notes that it is common for developers that leave a company to take code with them. Beyond merely protecting a business’s data and other intellectual property when employees leave, “software developers require special attention,” he says.
“While we would like to believe this would never happen, a disgruntled developer leaving a business organization could steal code that equates to months, even years of work — putting a company’s competitive edge at serious risk,” Spurzem says. “These threats are very real. Dismissing them to the back burner is a dangerous mistake. Businesses must plan for and take the appropriate steps to mitigate the risk.”
As I see it, it’s not just access to code. It’s also about access to design specs, test scripts, and subscription-based public cloud platform-as-a-service development environments. It’s about spinning up servers and database instances. Who’s in charge of disabling the departed one’s accounts? Or is he or she still using these development tools? Who is administering the administrators?
Have you known colleagues to take application code? (Of course, you would never do this.) What did your company do about it? And what measures does your organization have in place to prevent theft of code? Share your thoughts, we’d like to hear from you.
The cloud, to varying degrees, did away with the need to manage huge, on-premises IT infrastructures. Fortunately, IT staffers on company payrolls were still needed to migrate apps and data, and manage these new-fangled, cloud-based, virtual infrastructures. Now, with 2017 just days away, it’s fair to ask if that management role is on the cusp of disappearing, too,
Not surprisingly, it’s Amazon shaking things up again. On Dec. 12, 2016, Amazon launched AWS Managed Services (AWSMS), essentially Amazon’s offer to provide fee-based infrastructure operations management for your enterprise.
In his blog post announcing the service, AWS chief evangelist Jeff Barr said organizations want to “relieve their staff of as many routine operational duties as possible.” You’ve got to wonder if the CFO interprets that as “relieving as many staff as possible.”
Targeting the Fortune 1000 and Global 2000 enterprises (yes, it’ll trickle down eventually), AWSMS, according to Barr is “backed up by a dedicated team of Amazon employees” ready to provide incident monitoring and resolution, change control, provisioning, patch management, security and access management, backup and restore, along with reporting. An IT department can connect AWSMS to its own management tools (if you still opt to have any) via a new API and command-line interface.
So, Amazon can host your entire IT operation and now manage every aspect of it. It can warehouse and fulfill customer orders for the products you sell. With its own in-the-making fleet of trucks, drones, and aircraft, it can package and ship to your customer’s door. It can provide credit-card processing.
With drone delivery now a reality after a successful tryout in the U.K., there’s isn’t much that Amazon can’t do, except, perhaps, for the actual act of coding new applications. And, of course, there are tools to vastly simplify that process, too.
After all of this, the only ones left standing could be application developers, despite — or thanks to — Amazon’s vast array of development tools. No matter how much of a business’s IT operation Amazon hosts, operates, or manages, Amazon can’t know what it is you want your application to do. For that reason, I can’t imagine AWS wanting to build applications for you.
The managed services aspect was previously the domain of specialized IT staffers or other third-party managed service providers (MSPs), typified by Rackspace, but Amazon — at least for now — has them covered. Instead of cutting MSPs out of the ecosystem, AWSMS is positioned to embrace them. Partners have the opportunity to provide four different services specific to AWSMS, including onboarding, integration with customer ITSMs, application migration, and application operations.
Where do you come down on this? Is your organization ready to cede ops management to AWSMS? How does this change your IT plans for 2017 and beyond? No doubt have pretty strong opinions about this. It’s the season for sharing, so share those opinions with us. We’d like to hear from you.
Here’s a line I’ve been writing for many years: Hardware is nothing more than software that breaks if you drop it. It’s true because everything from a toaster oven to thermostat to, well, just about anything else is loaded with embedded software. Even today’s vehicles are essentially little more than highly complex mobile computers with seating for five and cargo space.
While we’re busy gushing about the latest mobile and cloud applications, it is the software embedded in dishwashers, IoT sensors, microwave ovens, digital cameras, vehicles, and even self-synchronizing wall clocks that may be real stars. There’s a lot more to software than user-facing applications, after all.
According to data published in June 2016 by Global Market Insights, the embedded software market size, valued at $10.46 billion in 2015, is predicted to register a 7% compound annual growth rate (CAGR) through 2023, rising to about $18 billion.
One key driver is automotive. According to Global Market Insights, the automotive embedded systems market accounted for roughly 22% share in 2014, with CAGR gains estimated at 5.5% from 2016 to 2023. Smart vehicles, navigation capability, and car-to-road communication, along with the rise of hybrid and electric vehicles are behind the growing numbers.
Another obvious growth market is wearable devices. “Growing use of wearable embedded equipment across many applications like medical, security, fitness and safety is predicted to promote embedded software industry trends,” the report notes. Increasing customer demand for electronic equipment like computers, tablets and smartphones is predicted to enhance the demand for the industry further.
The report defines embedded software as consisting of tools, middleware, and operating systems. There’s a rise in the use of Java in mobile devices behind technologies that include near-field communications.
This is also about highly specialized real-time operating systems, such as VxWorks from Wind River, ThreadX from Express Logic, and the open-source Fusion Embedded RTOS from Unicoi Systems for starters.
If you’ve worked on embedded software of any kind, we’d like to hear from you. What is the nature of the software you’ve written and on what kinds of devices is it running? There’s lots to talk about and plenty of opportunity for software engineers looking to expand their horizons. Join the conversation.
Everyone asks me about “the cloud.” My barber. The supermarket cashier. Neighbors. They’ve all heard of it, though none has a clear understanding of what it is, precisely. My comeback is that I don’t know what it is, precisely, either. But, I do know that the concept of the cloud and, by extension, cloud culture, has become part of our societal fabric. As we approach the holiday season with a new year just around the corner, it’s worth taking a moment to look at the increasingly prominent role developers play.
Think about what we’re building. Every mobile app. Text messaging. Streaming movies. Paying bills online. Christmas shopping. Remote medical patient monitoring. Factory floor process control. Home and commercial building environmental control and automation. IoT. And there are new technologies — cognitive computing and machine learning, to name two. We’re awash in APIs. New languages seem to appear monthly. Even the advent of no-code / low-code products is freeing developers from mundane projects to tackle those are breaking new ground.
It’s all very good for developers. You get to continually look at new technologies, new languages, and new opportunities to profoundly impact a business’s operations and profitability.
It wasn’t that many years ago that developers were largely writing programs to do nightly batch updates of sales reports, inventory management, or statement rendering. Today, with exceptions becoming increasingly rare, transaction processing happens in real time with API calls that touch multiple data stores and systems, aggregate information on the fly, and present the results to an app with a carefully designed UI/UX.
There are downsides, of course.
The pressure is on to ship feature updates, often biweekly, with little time for thorough testing, fixing bugs, or optimizing code. Unfortunately, it’s part of functioning at “cloud speed.” And with developers now expected to take a larger collaborative role in working with business decision makers and IT operations, there’s precious little time to learn new skills. It’s the world of BizDevOps.
The news this week is filled with stories about hundreds of “fake apps” that have appeared in the Apple app store, pretending to be from well-known retailers, but which are total scams. (They’re not really fake apps — they are apps, after all, though of a fraudulent nature.)
Without a doubt, the role of developer is evolving. In your work as a cloud and mobile application developer, how have your responsibilities grown? What new technologies and languages are you working with? What are the new solutions that you’re being asked to build? Gaze into your crystal ball and share what you see ahead. We’d like to hear from you.
A key challenge in developing applications for the cloud age is dealing with the continually shrinking interval between updates. Why, then, is automation of release and deployment so rarely used?
In the mainframe days, applications were written to run on one and only one machine, not the billions of smartphones, tablets, and IoT devices we develop for today. Years could pass between updates. Even in the client-server days, apps were written to run on a small number of servers running network operating system. Application updates to add new functionality were still spaced far apart. Not so much anymore.
Today, it’s common for apps to get updated biweekly for competition-driven feature enhancements and seemingly daily for bug fixes. And we’re writing for billions of devices running a bunch of different operating systems, whose features change radically with each new version, and all sporting a veritable cornucopia of screen sizes and resolutions.
It makes you wonder why we’re all breaking our necks to develop apps faster if we’re not any good at shipping the code out the door.
You’d think that a faster time to market for would be competitively advantageous, or that rapid updates to fix the bugs that crept into yesterday’s update (due to inadequate testing) would drive any corporate or commercial developer to implement automated release management. But, no.
Theresa Lanowitz, CEO of the research firm voke (yes, with a lower-case “v”) opened my eyes to this in a new study just published by her firm called Market Snapshot Report: Release Management. In a lengthy conversation she expressed surprise that the use of automated release management isn’t more widespread.
Releasing software faster and with higher quality is a challenge for more than 60% of survey participants, Lanowitz said. Just 14% reported no issues. So, what are these challenges? Struggling to release faster was cited by two-thirds of respondents. Just behind was the struggle to release higher-quality software at 60%.
Separately, more than half of those surveyed admitted that their organizations had to delay one or more software versions due to problems with deployment or release. It makes you wonder why we’re all breaking our necks to develop apps faster if we’re not any good at shipping the code out the door.
For the very first time since voke initially started doing this longstanding recurring study, respondents indicated that quality is more important than release. Think about that.
It’s the case of a dog chasing its own tail. If apps were of better quality, they would likely not need to be released as often. And if you build something better in the first place, you have a better chance of satisfying the customer. Check your phone — does the near-daily frequency at which some apps release bug fixes lead to a fatigue factor among users? I think it does.
The voke survey also looked at the build and deploy phases of a development project. Regarding build approach, only 29% do continuous integration with automatic check-in of each build. Gated check-in in which check-ins are accepted only if the changes merge and build successfully, was practiced by just 19%. Further down the list are manual, scheduled, and rolling builds. As for deployment, automation through scripts was performed by 32% with manual scripts just behind at 31%. The use of containers, including as Docker, CoreOS, LXD, Kubernetes, and others, lagged far behind at just 9%.
Lanowitz characterized the lack of automation as surprising as well as damaging to the business, given that release management is not new. I’d call those adoption rates shockingly low.
How well does your organization do when it comes to release management? Are you fully or partially automated? Or are you still completely or primarily manual? What is the impact these practices has on bringing new versions to market quickly and on ensuring that releases are not being deployed to fix bugs in prior releases? Share your experiences with us; we’d like to hear from you.
Decades ago, legend has it, many programmers got paid based on the number of lines of code they wrote. The more you produced, the better you were perceived to be. The inevitable result, not surprisingly, was mountains of bloated, inefficient code. Are we coming back to it?
Once organizations wised up to the foolhardy belief that those who produced the most code were the best, the push was on to write tight, concise, efficient code. After all, in the mainframe days when you typically had only 64 kilobytes of magnetic core memory to work with, throwing more iron at slow-running applications was a very expensive — and usually impossible — proposition. Though tools existed to exercise all the code in a program for logic errors (including hopefully never used exception processing routines), analyzing code for inefficiencies — such as poorly designed “perform until varying after” loops in Cobol — was something of a magic act.
What eventually changed was the plummeting cost of compute resources and memory. Once you were able to throw a shelf full of inexpensive Compaq Systempro servers and NetWare 2.15 at a problem, it was often easier to solve slow execution with more hardware than it was to hunt down poorly written lines of code. And now with megabytes of memory available for programs to run in, the need for memory management (anyone remember writing overlays?) began to disappear.
I fear the problem of bloated code, slow execution, and software quality is not getting better. We’ve made it easy — and perhaps necessary — to create inefficient code.
Today, we have business cycles that demand huge changes in application functionality almost weekly instead of once every two years. There’s simply not enough time to go back and fix inefficient code that was rushed out the door. Compute resources, including processing power, gigabytes of memory, and petabytes of storage, are so cheap as to be nearly free in comparison to mainframes. With cloud, it’s easy to scale infrastructure resources by orders of magnitude and do it almost instantaneously. No-code / low-code tools are generating code for us, but how good is that code? With streaming analytics we can examine everything, whether it’s central to the direct creation of revenue or not. Developers can easily tap into an enormous number of reusable libraries with a full understanding of what they do but no insight into how well they do it. Even with the API explosion that is upon us, we scrutinize their security while their performance efficiency likely is never called into question.
Is the idea of writing phenomenally tight code simply passé? Are you continually under the gun to get your code working, ship it, and move on? Are you proud of the code you write? No doubt you’ve thought about this before. Share those thoughts with us; we’d like to hear from you.
We’ve written many stories over the past year about cognitive computing, machine learning, and artificial intelligence — which are all, for lack of a better term, kissin’ cousins of modern-day computing. These are all growing in importance and taking on a larger presence. That means the big boys are going all in.
This week’s entry into artificial intelligence (AI) is Microsoft, which just launched its new Microsoft AI and Research Group, staffed with more than 5,000 people. This follows closely Microsoft’s late-August acquisition of AI startup Genee and September’s revelation that field programmable gate array chips are now deployed in its Azure datacenters worldwide. That translates into highly scalable AI.
If you are an applications developer, You must add AI, cognitive computing, machine learning, and analytics expertise to your skills portfolio.
According to Microsoft, the mission behind this major investment is the “democratization” of AI for individuals and organizations, broadening accessability, increasing its usefulness, and “ultimately enabling new ways to solve some of society’s toughest challenges.” Keep that word, democratizing, close at hand; Microsoft is using it frequently in its corporate communications.
The buzzword is fine, but what does democratization encompass? According to the company’s statements, it’s comprised of four key aspects, agents, applications, services, and infrastructure. That doesn’t seem very different than the garden-variety cloud computing we’re all dealing with today, suggesting natural evolution.
- Agents, such as Microsoft’s digital personal assistant Cortana, is intended to harness AI’s capabilities to change human and computer interaction.
- Applications, ranging from smartphone photo apps to Skype and Office 365, will be infused with cognitive capabilities — vision and speech — though what that means in practical terms isn’t clear.
- Services, including the aforementioned vision and speech, along with analytics, will be made available to application developers.
- Infrastructure, essentially on Azure-based AI supercomputers, will be available to any individual and organization.
What’s really going on here? A likely underlying strategy is to inject new life into the Windows universe. We are living at a time where the importance, influence, and ubiquitousness of Windows is on the wane. With the failure of the Windows phone platform (several times over), it’s easy for businesses to go all in on iOS and Android for their mobile computing needs. The Microsoft Surface hardware business is a last gasp effort to keep Windows alive other than on the desktop.
We are living at a time where the importance, influence, and ubiquitousness of Windows is on the wane.
The path to future career success is coming into clear focus. Even the White House is requesting more information about AI, a clear indication of the technology’s importance. If you are an applications developer, You must add AI, cognitive computing, machine learning, and analytics expertise to your skills portfolio. Microsoft itself is going into a hiring frenzy to transform its AI vision into reality.
What is your comfort level with AI? Are you currently working on projects that involve AI and cognitive computing? What do you expect the future to look like? Share your thoughts and concerns; we’d like to hear from you.
It hasn’t taken long — only about a year — for so-called no-code/low-code application development tools to go from loathed to loved. But, as someone who makes your living as a professional software developer, how do you feel about departmental, line-of-business employees using NCLC tools to build applications? Is NCLC a boon or a threat?
The opinions I’ve heard from developers span a wide spectrum.
The current thinking is that if we can shift the building of mundane reports, query apps, or other batch processing to LOB workers who have some understanding of IT, let’s go ahead and do it. The LOB department gets what it wants (or at least what it thinks it wants) and IT’s developers are freed from the mundane to do development on projects that are genuine more interesting or crucial.
Sure, this makes sense, but there will always need to be a degree of oversight from IT, perhaps to make secure connections to the corporation’s databases or implement access control. And there’s the matter of who pays for the compute resources and whether they are provisioned in the most effective and economical way.
I’ve also heard opinions that building applications is the domain of developers and should remain that way. While that was nearly always the case in the ancient days of IT before the cloud, that view, in my opinion, is simply out of step with the times. In an era when apps are sometimes updated nearly daily (compared with perhaps every two years in the old mainframe world), whatever tools and staff get you there with speed and competence are going to win the day.
Python, Java, Swift, C++, R, Scala, and a horde of other languages are not going to meet their demise anytime soon, but it’s clear that NCLC tools , built on a foundation of templates, microservices, and APIs are insulating LOB departments from the raw plumbing that you and I know makes all of this go.
So, professional applications developer, let’s hear from you. What do really think of NCLC tools? Do they free you from tasks you don’t like doing so you can work on more-interesting projects? Are they threatening the security of your organization’s data and infrastructure? Are NCLC tools dumbing-down the art form of application development to a point where anyone can do it? None of that sugar coating — tell us what you really think; we’d like to hear from you.
It’s official. I’ve just returned from watching Apple announce the iPhone 7 and iPhone 7 Plus. And yes, the headphone jack is gone. This is a family-friendly blog, so, I won’t say what I’m really thinking about that change. There is news for developers, however. And that news is good.
While the talk was about the new Apple Watch, and the vast improvements to the camera and audio aspects of the iPhone 7 and iPhone 7 Plus, applications developers did get recognized: APIs were mentioned twice. Granted, this was a product launch, not a developer seminar, but any mention of APIs in a mainstream discussion is darn good.
The first major change of note to developers is with the iPhone’s Home button. It has been completely redesigned to make it, in Apple’s words, “customizable and more responsive.” Beginning with the iPhone 7 and 7 Plus, the Home button is now force sensitive and works with a new taptic engine to provide feedback. To accomplish that, the button is no longer the push-down/pop-up mechanical affair we’ve dealt with for the past several years. It’s all solid state. Fewer mechanical parts means fewer things to break and fewer places where water can infiltrate, helping Apple achieve an overall design goal of dust and water resistance that complies with the IP67 protection standard.
Developers can leverage the new Home button’s taptic capability through the Apple Taptic Engine API. That means, according to Apple, that third-party developers can “create new feelings and experiences,” whatever those might be. I’m not imaginative enough to conjure up how an app might use this new Home button capability, but, it’s there if you can find a use for it.
The second mention of APIs came during the presentation of several amazing new camera capabilities. In addition to supporting a wider color gamut than before, the iPhone 7 models (at last) support RAW and DNG (digital negative) formats.
JPEG is no good for serious photographic work because it is an 8-bit file format that uses the small sRGB color space and compresses the image every time it’s saved, throwing out data. RAW, on the other hand, is simply an unprocessed, uncompressed pass-through of what the camera sensor sees, essential for high-quality work. It’s usually in 16-bit format that contains 14 bits of data. And RAW doesn’t compress the vast range of colors the sensor sees into the miserably small sRGB color space. On top of that, DNG is Adobe’s attempt to place a standardized wrapper around the many hundreds of proprietary RAW formats that exist industrywide for various camera models.
That Apple is supporting RAW and DNG is thrilling to serious photographers. Even better, if you’re a developer of a photo-editing, post-processing, or special-effects app (and there are many, many hundreds of them), this is a golden opportunity to recast your application as something that’s on the leading edge of smartphone photography. Yes, indeed, Apple is opening up a whole new vista for app developers.
Curiously, not one word was said during Apple’s event about how the new iPhones function as telephones. That function seems to have been forgotten as smartphones evolve into communicators, controllers, music players, and game platforms. Yes, lots of games were demonstrated, including the arrival of Super Mario and Pokemon Go to the iPhone platform for the first time ever. If you are a game developer, the new, powerful graphics engine is right up your alley.
As for elimination of the headphone jack, I don’t like it one bit, even though there will be an audio-jack-to-Lightning adapter bundled with each phone to support legacy analog earpods and headphones. That doesn’t solve my desire to keep the device plugged into a charger and into my stereo system simultaneously. It’s partially a push to sell Apple’s new $169 wireless earpods. No one has explained to me how you’ll protect against loss if one (or both) pop out while you’re jogging.
What do you see as the app development opportunities in the new iPhone 7 and 7 Plus? Have you been working with the iOS 10 SDK? Share your opinions; we’d like to hear from you.
When technology vendors do dumb things, you can pretty much count on reading a gleeful retelling of the sordid details in this space. After all, if there’s one thing I’m never short of, it’s opinions. Conversely, when those same vendors do something laudable, I feel obligated to play it both ways and say well done. Today, it’s Apple’s turn over a smart move it’s making in the App Store.
Starting Sept. 7, Apple is pulling the plug on apps that appear to have been abandoned, are multiple iOS versions behind in compatibility updates, or simply don’t measure up to Apple’s grand vision. That’s good news all around. In Apple’s own words, “We are implementing an ongoing process of evaluating apps, removing apps that no longer function as intended, don’t follow current review guidelines, or are outdated.” I urge you to visit that link and read the information carefully.
If you’re a lazy developer who hasn’t invested the necessary time to keep your app up to date for changes in screen sizes and resolution, or leverage features added to iOS over the last several years, you don’t deserve to have your app listed. If that’s you, it’s time for some Swift action lest your app get the boot. Existing users will not lost any app functionality, services will not be interrupted, and in-app purchases will remain enabled. As for new users, well, there won’t be any.
For developers who do invest the time, this is great news. With more than two million apps currently listed and roughly 100,000 new app additions or updates submitted weekly, culling the catalog should help make those that remain a bit more discoverable. And, as you know, the inability for apps to be discovered easily has plagued the App Store for years.
If the long arm of Apple reaches out to you, be warned. You have but 30 days to make it right. After that, the app is zapped. There’s also an even more potentially dire situation for you: If it’s discovered your app crashes on startup, it gets removed from the app store immediately with no grace period.
But wait, there’s more. In the letter that Apple sent to developers (and made public by iOS developer and good samaritan Jake Marsh) the company said app names can no longer exceed 50 characters in length. That means no more stuffing desirable search terms in an app name, regardless of what that app does. It’s a good way to bring some discipline to a Wild West app shopping environment.
Though I don’t know what pushed Apple toward this posture, it’s welcome, especially if you’re a developer hoping and praying you can generate a revenue stream from your beloved app that just can’t seem to get noticed.
Do you develop for the Apple App Store? What do you think of Apple’s desire to clean house? Are your apps up to date? If not, why not? Share your thoughts with us; we’d like to hear from you.