Categories
Photo twenty twenty

Protect me from what you want – 04.06.

In Softwareprojekten an sich Aufgabe des Scrum Masters gegenüber dem Team und dem Product Owner oder dem allgemeinen Management. Häufig wird die Rolle als “Beschützer des Teams” wahrgenommen. Der Scrum Master soll dem Team helfen, eine realistische Einschätzung Ihrer Fähigkeiten abzugeben und nur Aufgaben zu committen, die realistisch in einem definierten Zeitrahmen geliefert werden können. Unter anderen Aufgaben dient diese dem Zweck, Erwartungshaltungen der Stakeholder zu managen und das Team vor überzogenen Ansprüchen zu schützen. Längerfristig führt das zu einem guten oder besseren Verhältnis zwischen allen Beteiligten, mit einem Vertrauen in gegenseitige Erwartungen und Aufgaben. Ein gutes Verhältnis wiederum hilft dabei, produktiver Software zu schreiben und Mehrwert zu liefern, anstatt Diskussionen zu führen.

Die paar Worte auf einer Fliese in einem Schaufenster beziehen sich mutmaßlich eher auf rein zwischenmenschliche Beziehungen. Dort ist es aber genau so wichtig, sich gegenseitig zu verstehen.

daily photo04.06.2020

Categories
Business & MBA

Constellation’s 2019 Enterprise Awards

Constellation Research published and awarded their Enterprise Awards to companies in 2019. R “Ray” Wang mentioned in a brief tweet:

By The Constellation Research Team Awards Showcase What Was Top Of Mind In Enterprise Technology At The End of The Decade This year the Constellation Research team attended over 270 events, engaged

Zoho: Winner of the 2019 ConstellationR Enterprise Software Award
Zoho: Winner of the 2019 ConstellationR Enterprise Software Award

The awards come in 9 distinct categories, that each comes with a elaborate description why the respective winner deserves the award.

  • BEST ENTERPRISE SOFTWARE STARTUP
  • BEST ENTERPRISE SOFTWARE VENDOR
  • BEST ENTERPRISE SERVICES VENDOR
  • BEST TECH ACQUISITION
  • BEST PARTNERSHIP
  • BEST CEO
  • BEST NEW ENTERPRISE CATEGORY
  • BEST NEW ENTERPRISE SOFTWARE MARKETING OF THE YEAR
  • BIGGEST TECH FLOP OF THE YEAR

Congrats to all the winners and nominees!

Source: Inside Constellation’s 2019 Enterprise Awards

Categories
Internet & Cloud

Kubernetes 1.17 released today – Open Source

Kubernetes 1.17 released today
Kubernetes Logo

Today Kubernetes released it’s version 1.17. The software is one of the most popular open source projects ever. It allows managing containerised applications and micro-services. The release arrives at the end of a regular development cycle.

After the project was announced in 2014 by two Google employees, it hit a first 1.0 milestone on July 2015. The project gained massive popularity in the cloud world because it enables scalable infrastructures and service. With the Kubernetes 1.0 release, Google partnered with the Linux Foundation to form the Cloud Native Computing Foundation (CNCF) as a new home for the technology.

Since Kubernetes became publicly available, it gained popularity quickly and today is commonly used as the main way to host microservice-based implementations, mostly because Kubernetes and its associated ecosystem provide a rich choice of tools with all the capabilities that are needed to address key concerns of any modern software architectures.

With Kubernetes 1.17 released today, the package comes with more details on the release in the Release Schedule or in particular on the Changelog.

Categories
Product, Projekt & Agile

The Road to Python3

When Python3 came out in 2009, it was already heavily debated. Python3 would be incompatible with previous versions of the popular language, but fix many drawbacks. While the vision was clear and the community initially planned to move forward much quicker. The demand for having a 2.x branch was so huge, however, that the community decided to extend support for 2.7 until the end of 2019. Stack Overflow took a look on why the path took so long.

The Road to Python3: Stack Overflow took a look.
Categories
Business & MBA

Unlock your product organization’s potential by defining “done”

Simplifying and aligning conversations with a definition of done

All too often, the task list for your teams shared project management tool shows items like “Create Workflow” or “Define Process”. Items that do resonate well in the flow of work and in the nexus of individuals. But they do fall short of allowing the rest of the organization to grasp the meaning and even fail to do so for the reporter when some time has passed.

Some consice expressions on expectations on what this story or ticket is about can do wonder to getting things done. Rather than “defining a a workflow”, for example the product management team would

  • Check for Duplicate Entries
  • Describe the Requirement
  • Outline all depending products
  • Draw a critical path
  • Align all stakeholders on the critical path
  • Communicate to the team

The core idea is to eliminate any discussion about when an issue, item or story is delivered and is unique across function. Of course, the above serves as an example and will vary by team and work, and needs revision in any particular scenario. Having specific action advise will help reducing debates and focus on an actual deliverable, that is done by all opinion.

Source: Unlock your product organization’s potential by defining “done”

Categories
Security & Privacy

Salesforce outage.

It appears Salesforce was shutting down its services May 17th 2019. Reason was a faulty configuration of scripting options, that allowed users to access to all their company’s Salesforce data. To prevent worse, Salesforce shut down.

Salesforce said the script only impacted customers of Salesforce Pardot – a business-to-business (B2B) marketing-focused CRM.

However, out of an abundance of caution, the company decided to take down all other Salesforce services, for both current and former Pardot customers.

Source: Faulty database script brings Salesforce to its knees | ZDNet

Categories
Business & MBA

VMware acquires Bitnami

Bitnami is a name that many may know from packaged applications available on the major cloud marketplaces. The company packages up applications for easier consumption and adoption, and the concept became quite popular. Today, VMWare announced the acquisition of Bitnami for an undisclosed amount of money.

VMware announced today that it’s acquiring Bitnami, the package application company that was a member of the Y Combinator Winter 2013 class. The companies didn’t share the purchase price. With Bitnami, the company can now deliver more than 130 popular software packages in a variety of formats, such as Docker containers or virtual machine, an […]

Source: VMware acquires Bitnami to deliver packaged applications anywhere | TechCrunch

Categories
Security & Privacy

Infosec community

Gerade brennt eine Security Diskussion darum, dass Videolan Updates für seinen Mediaplayer nur über http:// ausliefert. Auch meiner Meinung nach entspricht das nicht dem Standard von 2019, aber hey. Wohl hatten die Entwickler verschiedene Argumente, an dem Verfahren festzuhalten. Signaturen via gpg, Maintenance, Aufwand und so.

Jedenfalls eröffnet die Situation eine spannende Diskussion darüber was denn nun das richtige Vorgehen ist und vor allem: wer denn nun Recht hat. Die Videolan Community jedenfalls scheint die Kollegen von Infosec nicht sehr sympathisch wahrzunehmen.

Aus meiner professionellen Erfahrung muss ich leider konstatieren: auch anderswo gibt es keineswegs einen Zusammenhalt von Dev und Sec. Die Wahrnehmung wird in vielen Softwareentwicklungsteams sehr ähnlich sein. Viel mehr ist das ein ständiges sich gegenseitig sich anpöbeln. Ganz ähnlich wie in der beschriebenen Fall.

Das ist sogar nachvollziehbar weil es zwei Parteien sind, die individuelle Interessen vertreten. Und es gibt aus der Situation in der Regel auch keinen vernünftigen Ausweg, weil die Incentivierung der Teams nicht das gleiche Ziel anstreben. Security ist damit Teil eines Problems und nicht Teil einer Lösung.

“So könnt Ihr das nicht machen” eröffnen die einen, deren Auftrag es ist, Fehler in Software zu finden. “Hey, wir haben uns da Monatelang was dabei gedacht” halten Entwickler dann dagegen und schon ist die Debatte in vollem Gang.

Gerade weil in der Regel das Aufgabengebiet der Security Kollegen sich darauf beschränkt, Fehler aufzuzeigen, ist es für die gegenüber stehende Partei nur nachvollziehbar, jedes Audit als Quelle für zusätzliche, oft kaum nachvollziehbare Arbeit oder sogar Schikane wahrzunehmen.

Wenn Infosec auch einen Weg aufzeigen kann, der mit der Situation der Entwickler vereinbar ist, gelingt es sichere Software zu schreiben. Nur Fehler aufzuzeigen ist dafür zu wenig.

Im Fall von Videolan wird die Debatte nun öffentlich geführt, was nicht sehr schön zu verfolgen ist, aber es ist eine notwendige Debatte für jede tiefere Integration von Development und Security.

Categories
Internet & Cloud Product, Projekt & Agile

Fixing issues in Software

So machen Profis das.

Categories
Business & MBA Internet & Cloud

Change.

Yesterday, a software engineer, also new to the organization, roughly told me the following. The way the organisation plans projects is so different to what he is used to as a software engineer. Planning projects with a horizon of 12 or even 24 months is something he says he just cannot wrap his head around.

While this is very common and necessary in the hardware industry, it is indeed something terribly alienating software people. Software is typically treated as a living product, that takes tiny changes at a time, it is more governed towards a direction to take than having the one exact goal it has to hit by a specific date.

These very fundamental goals both mindsets follow make it difficult for change to happen. While the software engineer above obviously has a point to make, he cannot reach the people he needs to reach, because both sides are just too far apart.

At the same time, I don’t yet have an answer to the problem, but the problem itself became so obvious when this colleague told me he just doesn’t know what to say. The digital world does not yet have a common language, not to mention a common way to think about approaching problems, and unless this hurdle is taken, change will only happen slowly.