Talking about Software Metric on S/W development, several methods are available in the real world project. Using these metrics, We can say that particular project requires more attention or requires more men-hours. Then suddenly I was thinking about resource management in S/W house. Just say that one programmer in S/W house is working with a team to create a project. In this case, we can say that this programmer has 1 load. This is the easiest part where the programmer can allocate the resource 100% to such project. On the next week, where he/she hasn’t finish the project, another request comes and asking whether he/she can help with another project, and the load is now 2 projects with 50% and 50% resource allocation (we can also say 30% and 70% resource allocation, depends on the project. Read the Project Load-Based Limitation below). So, using this linear approach each programmer has this load

Continue reading →

I believe it’s the time to upgrade my Thinkpad memory. The main reason is to use more VMWare instances and use Dynamips for my Cisco lab. My computer is Thinkpad T41 2373-1FA and from the info I’ve got from IBM website, my memory is PC2700 Cl2.5 333 MHz.

Continue reading →

Doing the right thing and doing things right is the every company’s goals. Productivity is always the number one reason to reduce production expenses and gain the most profit margins.

However, sometimes the Company forgets to look at employee involvement to support company to reach its stated goals. Company may use the best system and technology yet to leave the employee involvement behind will make a big waste as the employees are the entity that runs the system.

In what areas employees should be involved? What kind of methods to grab employee attention to support the Company through their involvement? Who will take the benefits from employee involvement?

This article will try to address those question based on a catering company named Air Catering as a case study to assess.

Continue reading →

The new revolution of software implementation has begun. After some decades when the world was offered by proprietary software produced by Microsoft, nowadays another approach is coming and unstoppable. This new revolution offers shareable software source code and available freely from the Internet. It means that user can now has a freedom to update and distribute the software as the freely as possible.

Continue reading →

Lego Company (’Company’) is a toy company based on Denmark (McNurlin, BC & Sprague, RH 2004). As one of the biggest toy company in the world, Lego, in year 1998, launch a new toy game called Mindstorm which is actually a lego toy with capability to run several commands from a computer, and it is programmable (McNurlin, BC & Sprague, RH 2004). Suddenly, the target of 12,000 toys sale became oversold into 100,000 units with 70 percent customers were ’old enough to vote’ (Keegan 2001).

Continue reading →

It was on July 20 2005 12:18PM when Fernando Gont sent an email to bugtraq (at) securityfocus.com, a security mailing list full of people submitting information about software bugs or vulnerabilities from any software or hardware product. On his email, Fernando Gont disclosed the information about “ICMP attacks against TCP” [Security Focus 2005a].

Theo de Raadt, leader of OpenBSD operating system which claimed to be the most secure operating system in the world (OpenBSD 2005), was the person that Fernando talked to and seemed that both person has the same understanding on how to fix the problem. Theo invited Fernando to join OpenBSD Hackathon which is the place for all of computer expert gathered to fix software problems. [KernelTrap 2005]

And the problem begun. As Fernando sent several notifications to CERT/CC and NISCC, and privately notified several open source projects including OpenBSD, NetBSD, FreeBSD and Linux, as well as larger vendors such as Microsoft, Cisco, and Sun Microsystems, his intention is to fix this problem together with software vendors before the problem will be publicly disclosed.[KernelTrap 2005]

Cisco then replied the email claiming that Cisco has the patent of his work but refuse to give further details. Later on the thread, Cisco then admit that Cisco had withdrawn their patent. Cisco even accused Fernando working with terrorist.[KernelTrap 2005]

Microsoft also replied the findings saying that Fernando should inform Microsoft confidentially yet Fernando found out that Microsoft refused to give him credits for the discovery.[KernelTrap 2005]

The discovery was supposedly to be made public by January 2005 but it was repeatedly delayed until April 2005 as many vendors were not ready with fixes.[KernelTrap 2005]

Fernando regretted the hesitate responds from vendors to fix the problem.[KernelTrap 2005] The main point of the case is the hesitation from vendors to fix the problems and the idea of patenting the technology finding that supposed to be owned by public.

Continue reading →

“Would you buy a car with the hood welded shut?”[ZDNET 2000]. Most people would answer no [ZDNET 2000]. Microsoft and other non-Open-Source software company have deliberately obstructed the availability of software source code. This practice, although adopted by many software companies, will lead to security problem as customers and users have no access to look inside the software product nor having the access to audit it. The customers and users should have the right to know what is inside the software and not just receive blind quality assurance that the software will not contain any secret code.

An approach presented by Open Source Initiative (OSI) and GNU GPL (GNU General Public License) provide software with several criterias and one of them is the availability of the source code in every software distribution. Using Open Source Software will lead to the freedom that customers or users will not fall into the pitfall of software licensing litigation, secure, and more ethical [Wheeler 2005]. Thus, the presence of source code will allow customers and users to have access to look inside the software product and have the chance to audit the software.

Continue reading →

In the book Security, Ethics & Electronic Commerce Systems – ECOM20002 compiled from Principles and Practice of Information Security by Volonino and Robinson, chapter 3, the common sources of risks are user ignorance, lack of enforceable policy, social engineering, excessive sharing, and revealing candor. How does the software company is not included as a source of risk for having a bad security design? Don’t they liable for the causes of security breaches?

Continue reading →